{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T03:06:32.695","vulnerabilities":[{"cve":{"id":"CVE-2018-8022","sourceIdentifier":"security@apache.org","published":"2018-08-29T13:29:02.107","lastModified":"2024-11-21T04:13:06.880","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions."},{"lang":"es","value":"Una negociación TLS inválida cuidadosamente manipulada puede provocar un segfault en Apache Traffic Server (ATS). Esto afecta a la versión 6.2.2. Para resolver este problema, los usuarios que ejecuten la versión 6.2.2 deberían actualizar a la versión 6.2.3 o siguientes."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.2.2","matchCriteriaId":"72C208E2-310B-4880-B974-1D5AF04E3990"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105183","source":"security@apache.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/apache/trafficserver/pull/2147","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/ce404d2fe16cc59085ece5a6236ccd1549def471a2a9508198d966b1%40%3Cusers.trafficserver.apache.org%3E","source":"security@apache.org"},{"url":"http://www.securityfocus.com/bid/105183","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/apache/trafficserver/pull/2147","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/ce404d2fe16cc59085ece5a6236ccd1549def471a2a9508198d966b1%40%3Cusers.trafficserver.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}