CVE-2024-35296

{"id": "CVE-2024-35296", "cveTags": [], "metrics": {}, "published": "2024-07-26T10:15:02.713", "references": [{"url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0", "source": "security@apache.org"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Primary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.\n\nUsers are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue."}, {"lang": "es", "value": "Un encabezado Invalid Accept-Encoding puede provocar que Apache Traffic Server no pueda realizar una b\u00fasqueda en cach\u00e9 y fuerce el reenv\u00edo de solicitudes. Este problema afecta a Apache Traffic Server: de la versi\u00f3n 8.0.0 a la 8.1.10 y de la versi\u00f3n 9.0.0 a la 9.2.4. Se recomienda a los usuarios que actualicen a la versi\u00f3n 8.1.11 o 9.2.5, que soluciona el problema."}], "lastModified": "2024-07-26T12:38:41.683", "sourceIdentifier": "security@apache.org"}