CVE-2018-8022
7.5
HIGH
CVSS 3.1
EPSS 6.1%
Description
A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.
How to fix CVE-2018-8022
To remediate CVE-2018-8022, upgrade the affected package to a fixed version below.
- Debian/trafficserver—upgrade to 7.0.0-1 or later
Is CVE-2018-8022 being exploited?
Moderate — EPSS is 6.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 7.0.0-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |