Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778)

Description

Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.

Remediation

References

CVE-2022-31778

Related Vulnerabilities

PHP Improper Input Validation Vulnerability (CVE-2014-3480)

WordPress Plugin Facebook Page Photo Gallery Cross-Site Scripting (2.0.9)

WordPress Plugin WCFM-Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible Unspecified Vulnerability (6.5.12)

WordPress Plugin Stealth Login Page Unspecified Vulnerability (1.1.3)

Apache httpd remote denial of service

Severity

High

Classification

CVE-2022-31778 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N