CVE-2024-38479

Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.

CVSS

No CVSS.

References

Link	Resource
https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:traffic_server::-::::::*
	cpe:2.3:a:apache:traffic_server::::::::

History

03 Jun 2025, 21:21

Type	Values Removed	Values Added
CWE	~~CWE-20~~	NVD-CWE-noinfo
CPE		cpe:2.3:a:apache:traffic_server::-::::::* cpe:2.3:a:apache:traffic_server::::::::
First Time		Apache traffic Server Apache
References	~~() https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y -~~	() https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y - Mailing List, Vendor Advisory

14 Nov 2024, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-14 10:15

Updated : 2025-06-03 21:21

NVD link : CVE-2024-38479

Mitre link : CVE-2024-38479

JSON object : View

Products Affected

apache

traffic_server

CWE

NVD-CWE-noinfo

JSON object

Attach tags to CVE-2024-38479

Attach tags to `CVE-2024-38479`