Your submission was sent successfully! Close

CVE-2020-17509

Published: 11 January 2021

ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
trafficserver
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

groovy Ignored
(reached end-of-life)
hirsute Not vulnerable
(8.1.1+ds-1)
impish Not vulnerable
(8.1.1+ds-1)
jammy Not vulnerable
(8.1.1+ds-1)
precise Does not exist

trusty Does not exist

upstream
Released (8.1.1+ds-1)
xenial Ignored
(end of standard support, was needs-triage)