
We found results for “”
CVE-2024-53868
Good to know:

Date: April 3, 2025
Apache Traffic Server (ATS) 9.x through 9.2.9 and 10.x through 10.0.4 is vulnerable to request smuggling via chunked messages. The vulnerability is fixed in 9.2.10 and 10.0.5.
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-444Top Fix

Upgrade Version
Upgrade to version https://github.com/apache/trafficserver.git - 9.2.10;https://github.com/apache/trafficserver.git - 10.0.5
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | NONE |