Search for vulnerabilities
Vulnerability details: VCID-brww-7prv-rydz
Vulnerability ID VCID-brww-7prv-rydz
Aliases CVE-2022-32749
Summary Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-754 Improper Check for Unusual or Exceptional Conditions
System Score Found at
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2022-32749
cvssv3.1 7.5 https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
ssvc Track https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32749
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-32749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
CVE-2022-32749 https://nvd.nist.gov/vuln/detail/CVE-2022-32749
mrj2lg4s0hf027rk7gz8t7hbn9xpfg02 https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:46Z/ Found at https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32749
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.59488
EPSS Score 0.00393
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:54:58.707727+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2022/32xxx/CVE-2022-32749.json 37.0.0