发布时间: 2022年12月30日
修改时间: 2024年10月31日
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | Low | Low |
| Attack Vector | Network | Network |
| CVSS评分 | 6.1 | 6.1 |
| Attack Complexity | Low | Low |
| Privileges Required | None | None |
| Scope | Changed | Changed |
| Integrity | Low | Low |
| User Interaction | Required | Required |
| Availability | None | None |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2022-2756 | trafficserver security update | 2022年12月30日 |
| KylinSec-SA-2022-2821 | trafficserver security update | 2022年12月30日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | trafficserver | Fixed |
| KY3.4-5 | trafficserver | Fixed |
