Apache Traffic Server Crash: Update to 9.2.6 or 10.0.2 to Avoid Issues

CVE-2024-50305

Currently unrated 🤨

Key Information

Vendor: Apache
Status: Apache Traffic Server
Vendor: CVE Published:; 14 November 2024

Summary

Valid Host header field can cause Apache Traffic Server to crash on some platforms.

This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5.

Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.

Affected Version(s)

Apache Traffic Server <= 9.2.5

References

https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh...

vendor-advisory

Timeline

Vulnerability published
Nov 14, 2024
Vulnerability Reserved
Oct 21, 2024

Collectors

NVD DatabaseMitre Database

.