Known Vulnerabilities for Traffic Server by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Traffic Server" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40434 json | Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacke... | Not Provided | 2026-04-17 | 2026-04-17 |
| CVE-2026-40396 json | Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious... | Not Provided | 2026-04-12 | 2026-04-13 |
| CVE-2026-32887 json | Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. ... | Not Provided | 2026-03-20 | 2026-03-25 |
| CVE-2026-32105 json | xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentic... | Not Provided | 2026-04-17 | 2026-04-20 |
| CVE-2026-28367 json | A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminat... | Not Provided | 2026-03-27 | 2026-04-08 |
| CVE-2026-26055 json | Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the A... | Not Provided | 2026-02-12 | 2026-02-12 |
| CVE-2026-6066 json | ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate ... | Not Provided | 2026-04-20 | 2026-04-20 |
| CVE-2026-5756 json | Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) allows an attacker to modi... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2025-68206 json | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted conne... | Not Provided | 2025-12-16 | 2026-04-18 |
| CVE-2025-65114 json | Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server... | Not Provided | 2026-04-02 | 2026-04-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Traffic Server | 9.0.0 | |||
| Application | Apache | Traffic Server | 9.0.0 | |||
| Application | Apache | Traffic Server | 9.0.0 | |||
| Application | Apache | Traffic Server | 8.1.1 | |||
| Application | Apache | Traffic Server | 8.1.1 | |||
| Application | Apache | Traffic Server | 8.1.0 | |||
| Application | Apache | Traffic Server | 8.1.0 | |||
| Application | Apache | Traffic Server | 8.0.8 | |||
| Application | Apache | Traffic Server | 8.0.8 | |||
| Application | Apache | Traffic Server | 8.0.7 | |||
| Application | Apache | Traffic Server | 8.0.7 | |||
| Application | Apache | Traffic Server | 8.0.7 | |||
| Application | Apache | Traffic Server | 8.0.6 | |||
| Application | Apache | Traffic Server | 8.0.6 | |||
| Application | Apache | Traffic Server | 8.0.6 | |||
| Application | Apache | Traffic Server | 8.0.6 | |||
| Application | Apache | Traffic Server | 8.0.5 | |||
| Application | Apache | Traffic Server | 8.0.4 | |||
| Application | Apache | Traffic Server | 8.0.4 | |||
| Application | Apache | Traffic Server | 8.0.4 |