{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93223?format=json","vulnerability_id":"VCID-scpg-5hcj-5yd3","summary":"Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.","aliases":[{"alias":"CVE-2017-5659"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941480?format=json","purl":"pkg:deb/debian/trafficserver@7.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1037082?format=json","purl":"pkg:deb/debian/trafficserver@7.0.0-4~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-au6q-ek7r-8bgr"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-msu4-5h99-2yaq"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-nbwy-fdv2-uydt"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-qwmj-ez4q-7qex"},{"vulnerability":"VCID-r86j-zujn-f7ez"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-ue7s-pn8b-vydz"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-va7d-ktp2-m7et"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-4~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/941472?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4738-xk8n-hbac"},{"vulnerability":"VCID-4hs3-be7k-9qe7"},{"vulnerability":"VCID-4uhe-mtbx-nfdu"},{"vulnerability":"VCID-5e1r-3jec-tkhp"},{"vulnerability":"VCID-c62p-6ghw-j3dv"},{"vulnerability":"VCID-eay7-63um-43e9"},{"vulnerability":"VCID-kjah-am9e-xkev"},{"vulnerability":"VCID-tevw-8dcp-yfh6"},{"vulnerability":"VCID-ww3t-p3pq-gkhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/941470?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/941473?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4738-xk8n-hbac"},{"vulnerability":"VCID-4hs3-be7k-9qe7"},{"vulnerability":"VCID-4uhe-mtbx-nfdu"},{"vulnerability":"VCID-5e1r-3jec-tkhp"},{"vulnerability":"VCID-c62p-6ghw-j3dv"},{"vulnerability":"VCID-eay7-63um-43e9"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-kjah-am9e-xkev"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-tevw-8dcp-yfh6"},{"vulnerability":"VCID-ww3t-p3pq-gkhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037080?format=json","purl":"pkg:deb/debian/trafficserver@3.0.5-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4js5-31yx-gkf1"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-8aev-nmwa-fkcg"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-9pd6-v7d1-9qem"},{"vulnerability":"VCID-9rs4-uvph-3yh7"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-au6q-ek7r-8bgr"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-khz4-1uav-cqgg"},{"vulnerability":"VCID-m8p8-5n65-qyhy"},{"vulnerability":"VCID-msu4-5h99-2yaq"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-nbwy-fdv2-uydt"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-qwmj-ez4q-7qex"},{"vulnerability":"VCID-r86j-zujn-f7ez"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-scpg-5hcj-5yd3"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u4tn-85je-n7gt"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-ue7s-pn8b-vydz"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uvhz-uspt-7ygz"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-va7d-ktp2-m7et"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@3.0.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037081?format=json","purl":"pkg:deb/debian/trafficserver@6.2.0-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-8aev-nmwa-fkcg"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-au6q-ek7r-8bgr"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-m8p8-5n65-qyhy"},{"vulnerability":"VCID-msu4-5h99-2yaq"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-nbwy-fdv2-uydt"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-qwmj-ez4q-7qex"},{"vulnerability":"VCID-r86j-zujn-f7ez"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-scpg-5hcj-5yd3"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-ue7s-pn8b-vydz"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-va7d-ktp2-m7et"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.2.0-1~bpo8%252B1"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5659","reference_id":"","reference_type":"","scores":[{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83697","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83681","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.8348","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83493","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83507","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83508","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83532","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83542","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83556","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83551","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.8358","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83581","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83583","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83607","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83614","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83618","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83642","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83662","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.8368","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5659"},{"reference_url":"https://issues.apache.org/jira/browse/TS-4819","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/jira/browse/TS-4819"},{"reference_url":"http://www.securityfocus.com/bid/97949","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97949"},{"reference_url":"http://www.securitytracker.com/id/1038275","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038275"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5659","reference_id":"CVE-2017-5659","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5659"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."}],"exploits":[],"severity_range_score":"5.0 - 7.5","exploitability":"0.5","weighted_severity":"6.8","risk_score":3.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scpg-5hcj-5yd3"}