Home > Vulnerability Database > CVE-2024-38311

Mend.io Vulnerability Database

CVE-2024-38311

Date: March 6, 2025

ATS is vulnerable to equest smuggling via pipelining after a chunked message body. This affects ATS 9.0.0 to 9.2.8, and ATS 10.0.0 to 10.0.3. 9.x users should upgrade to 9.2.9 or later versions, 10.x users should upgrade to 10.0.4 or later versions.

Severity Score

6.3

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-38311

Url: https://security-tracker.debian.org/tracker/CVE-2024-38311

Url: https://seclists.org/oss-sec/2025/q1/172

Url: https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023

Url: https://www.mend.io/vulnerability-database/CVE-2024-38311

Severity Score

6.3

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-38311

Date: March 6, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?