VulnerableCode Package Details - pkg:deb/debian/trafficserver@9.2.5%2Bds-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-4964-fbua-d3dh Aliases: CVE-2024-38311	Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.	There are no reported fixed by versions.
VCID-4nrj-yn3r-fye2 Aliases: CVE-2024-50305	Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.	There are no reported fixed by versions.
VCID-ew3m-w5p7-skhh Aliases: CVE-2024-56202	Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue.	There are no reported fixed by versions.
VCID-h9wv-5sxv-87e9 Aliases: CVE-2024-50306	Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1. Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.	There are no reported fixed by versions.
VCID-nm4c-5vwj-m7cz Aliases: CVE-2024-38479	Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.	There are no reported fixed by versions.
VCID-xkj8-pxen-xfaw Aliases: CVE-2024-56195	Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-4964-fbua-d3dh
Aliases:
CVE-2024-38311

Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.