FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

trafficserver -- resource consumption

Affected packages
trafficserver < 8.0.8


VuXML ID 6fd773d3-bc5a-11ea-b38d-f0def1d0c3ea
Discovery 2020-06-24
Entry 2020-07-02

Bryan Call reports:

ATS is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.


CVE Name CVE-2020-9494