CVE-2024-50305

Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.

CVSS

No CVSS.

References

Link	Resource
https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:traffic_server:*:-:*:*:*:*:*:*

History

04 Jun 2025, 16:15

Type	Values Removed	Values Added
CWE	~~CWE-20~~
First Time		Apache traffic Server Apache
References	~~() https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y -~~	() https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y - Mailing List, Vendor Advisory
CPE		cpe:2.3:a:apache:traffic_server::-::::::*

14 Nov 2024, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-14 10:15

Updated : 2025-06-04 16:15

NVD link : CVE-2024-50305

Mitre link : CVE-2024-50305

JSON object : View

Products Affected

apache

traffic_server

CWE

No CWE.

JSON object

Attach tags to CVE-2024-50305

Attach tags to `CVE-2024-50305`