VulnerableCode Package Details - pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid

purl	pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-4hs3-be7k-9qe7	Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue.	CVE-2025-65114
VCID-ww3t-p3pq-gkhy	A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to set proxy.config.http.request_buffer_enabled to 0 (the default value is 0).	CVE-2025-58136

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-06T03:06:48.168190+00:00	Debian Importer	Fixing	VCID-4hs3-be7k-9qe7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-06T03:06:48.131841+00:00	Debian Importer	Fixing	VCID-ww3t-p3pq-gkhy	https://security-tracker.debian.org/tracker/data/json	38.1.0