VulnerableCode Package Details - pkg:deb/ubuntu/trafficserver@8.0.5%2Bds-2build1

Search for packages

Package details: pkg:deb/ubuntu/trafficserver@8.0.5%2Bds-2build1

Essentials
History (0)

purl	pkg:deb/ubuntu/trafficserver@8.0.5%2Bds-2build1

Next non-vulnerable version	8.0.5+ds-3
Latest non-vulnerable version	8.0.5+ds-3
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-tbrp-5sm7-aaak Aliases: CVE-2019-9518	Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.	8.0.5+ds-3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version