CVE-2017-7671

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7671

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7671.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-7671

Related

UBUNTU-CVE-2017-7671

Published

2018-02-27T20:29:00Z

Modified

2024-11-21T03:32:25Z

Downstream

DSA-4128-1

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

References

Affected packages

Debian:11 / trafficserver

Package

Name: trafficserver
Purl: pkg:deb/debian/trafficserver?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.1.2+ds-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / trafficserver

Package

Name: trafficserver
Purl: pkg:deb/debian/trafficserver?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.1.2+ds-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/apache/trafficserver

Affected ranges

Type: GIT
Repo: https://github.com/apache/trafficserver
Events: Last affected

6c1c6cf20e7d0e287d697a0f4181436013d17c30

Last affected

a57be23251358e6ac97442ebde3dae8d95d94846

Introduced

cad13d9c6fa6454f7bd3664bdae7e1a91a871e94

Last affected

cc74be0788e14bb1b22edace392817048ea31011