Description

A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.

Remediation

References

CVE-2018-8022

Related Vulnerabilities

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-10172)

Oracle JRE CVE-2014-2421 Vulnerability (CVE-2014-2421)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3731)

MySQL CVE-2020-14830 Vulnerability (CVE-2020-14830)

WordPress Plugin Soundy Background Music Cross-Site Scripting (3.9)

Severity

High

Classification

CVE-2018-8022 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities