Hostnames |
mediawiki.org w.wiki wikibooks.org wikidata.org wikifunctions.org wikimedia.org text-lb.esams.wikimedia.org wikimediafoundation.org wikinews.org wikipedia.org wikiquote.org wikisource.org wikiversity.org wikivoyage.org wiktionary.org wmfusercontent.org |
Domains | mediawiki.org w.wiki wikibooks.org wikidata.org wikifunctions.org wikimedia.org wikimediafoundation.org wikinews.org wikipedia.org wikiquote.org wikisource.org wikiversity.org wikivoyage.org wiktionary.org wmfusercontent.org |
Country | Netherlands |
City | Amsterdam |
Organization | Wikimedia Foundation, Inc. |
ISP | Wikimedia Foundation Inc. |
ASN | AS14907 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2023-41752 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue. |
CVE-2023-39456 | Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue. |
CVE-2023-33934 | Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1. |
CVE-2023-33933 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions |
CVE-2023-30631 | Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions |
CVE-2022-47185 | Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1. |
CVE-2022-47184 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0. |