CVE-2020-17509

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-17509
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17509.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-17509
Related
Published
2021-01-11T10:15:13Z
Modified
2024-06-06T13:09:37.895718Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.

References

Affected packages

Git / github.com/apache/trafficserver

Affected versions

8.*

8.0.0
8.0.0-rc4
8.0.1
8.0.1-rc0
8.0.2
8.0.2-rc0
8.0.3
8.0.3-rc0
8.0.4
8.0.4-rc0
8.0.5
8.0.6
8.0.6-rc0
8.0.6-rc1
8.0.7
8.0.7-rc0