CVE-2024-50305

CVE-2024-50305: Apache Traffic Server: Valid Host field value can cause crashes

Vendor Apache Software Foundation

Product Apache Traffic Server

Weakness CWE-20 · Input validation

Published November 14, 2024

Last update November 14, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.

Key dates

Disclosure timeline

November 14, 2024 CVE published

November 14, 2024 Record updated