CVE-2024-50306

CRITICAL Year: 2024
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-252
View all →

Vulnerability Description

Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1. Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.

Related Vulnerabilities

CVE-2022-23806

CRITICAL
CVSS:9.1(Critical)

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

CWE-2522022

CVE-2019-15942

HIGH
CVSS:8.8(High)

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.

CWE-2522019

CVE-2021-26958

HIGH
CVSS:8.8(High)

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::cast_event uses std::mem::transmu...

CWE-2522021

CVE-2023-44182

HIGH
CVSS:8.8(High)

An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol...

CWE-2522023

CVE-2024-1545

HIGH
CVSS:8.8(High)

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victi...

CWE-2522024

CVE-2024-2881

HIGH
CVSS:8.8(High)

Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a vi...

CWE-2522024