Description

Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.

Remediation

References

CVE-2024-35296

Related Vulnerabilities

WordPress Plugin Floating Social Media Links 'wpp' Parameter Multiple Remote File Include Vulnerabilities (1.4.2)

PHP Other Vulnerability (CVE-2005-1043)

WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)

MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-0372)

WordPress Plugin Video Lead Form 'errMsg' Parameter Cross-Site Scripting (0.5)

Severity

High

Classification

CVE-2024-35296 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

Tags

Missing Update Known Vulnerabilities