1. Home
  2. CVEs with refmap.mlist==[trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with header variable access in the ESI plugin - CVE-2018-8040
Max CVSS 5.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-8040 5.0
Pages that are rendered using the ESI plugin can have access to the cookie header when the plugin is configured not to allow access. This affects Apache Traffic Server (ATS) versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users runn
03-10-2019 - 00:03 29-08-2018 - 13:29
Back to Top Mark selected
Back to Top