Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2024-53868

Apache Traffic Server allows request smuggling if chunked messages are malformed. 

This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4.

Users are recommended to upgrade to version 9.2.10 or 10.0.5, which fixes the issue.

  • Published: Apr 3, 2025
  • Updated: Nov 16, 2025
  • CVE: CVE-2024-53868
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWEs:

Software From Fixed in
apache / traffic_server 10.0.0 10.0.5
apache / traffic_server 9.0.0 9.2.10