Description
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.
Remediation
References
Related Vulnerabilities
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000395)
WordPress Plugin Stripe Payment for WooCommerce Cross-Site Scripting (3.5.9)
PHP Improper Input Validation Vulnerability (CVE-2012-0831)
WordPress Plugin Top Quark Architecture 'script.php' Arbitrary File Upload (2.1.0)