Several vulnerabilities were discovered in Apache Traffic Server, a
reverse and forward proxy server, which could result in HTTP request
smuggling, cache poisoning or information disclosure.
trafficserver-9.1.3-1.el9
FEDORA-EPEL-2022-3256bd6d96
Packages in this update:
trafficserver-9.1.3-1.el9
Update description:
Update to 9.1.3, resolves CVE-2022-25763, CVE-2022-31779, CVE-2021-37150, CVE-2022-28129, CVE-2022-31780
trafficserver-9.1.3-1.el8
FEDORA-EPEL-2022-d7916edd2e
Packages in this update:
trafficserver-9.1.3-1.el8
Update description:
Update to 9.1.3, resolves CVE-2022-25763, CVE-2022-31779, CVE-2021-37150, CVE-2022-28129, CVE-2022-31780
trafficserver-9.1.3-1.el7
FEDORA-EPEL-2022-aa30752bd2
Packages in this update:
trafficserver-9.1.3-1.el7
Update description:
Update to 9.1.3, resolves CVE-2022-25763, CVE-2022-31779, CVE-2021-37150, CVE-2022-28129, CVE-2022-31780
trafficserver-9.1.3-1.fc35
FEDORA-2022-9832c0c04b
Packages in this update:
trafficserver-9.1.3-1.fc35
Update description:
Update to 9.1.3, resolves CVE-2022-25763, CVE-2022-31779, CVE-2021-37150, CVE-2022-28129, CVE-2022-31780
trafficserver-9.1.3-1.fc36
FEDORA-2022-23043f5a0b
Packages in this update:
trafficserver-9.1.3-1.fc36
Update description:
Update to 9.1.3, resolves CVE-2022-25763, CVE-2022-31779, CVE-2021-37150, CVE-2022-28129, CVE-2022-31780
CVE-2021-0734 (android)
In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-189122911
CVE-2021-0735 (android)
In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-188913056
CVE-2021-0975 (android)
In USB Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure of installed packages with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-180104273
CVE-2021-22289 (studio)
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.