Expected Behavior Violation vulnerability in Apache Traffic Server.
This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.
Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue.
Weakness
A feature, API, or function does not perform according to its specification.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Traffic_server | Apache | 9.0.0 (including) | 9.2.9 (excluding) |
| Traffic_server | Apache | 10.0.0 (including) | 10.0.4 (excluding) |
| Trafficserver | Ubuntu | esm-apps/jammy | * |
| Trafficserver | Ubuntu | esm-apps/noble | * |
| Trafficserver | Ubuntu | focal | * |
| Trafficserver | Ubuntu | jammy | * |
| Trafficserver | Ubuntu | noble | * |
| Trafficserver | Ubuntu | oracular | * |
| Trafficserver | Ubuntu | plucky | * |
| Trafficserver | Ubuntu | questing | * |
| Trafficserver | Ubuntu | upstream | * |