CVE-2024-38311

Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.

CVSS

No CVSS.

References

Link	Resource
https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:traffic_server::::::::
	cpe:2.3:a:apache:traffic_server::::::::

History

29 Apr 2025, 16:34

Type	Values Removed	Values Added
CPE		cpe:2.3:a:apache:traffic_server::::::::
References	~~() https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023 -~~	() https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023 - Mailing List, Vendor Advisory
CWE		NVD-CWE-noinfo
First Time		Apache traffic Server Apache

06 Mar 2025, 16:15

Type	Values Removed	Values Added
CWE	~~CWE-20~~

06 Mar 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-06 12:15

Updated : 2025-04-29 16:34

NVD link : CVE-2024-38311

Mitre link : CVE-2024-38311

JSON object : View

Products Affected

apache

traffic_server

CWE

NVD-CWE-noinfo

JSON object

Attach tags to CVE-2024-38311

Attach tags to `CVE-2024-38311`