CVE-2022-23206

描述

Server-Side Request Forgery in Apache Traffic Control in github.com/apache/trafficcontrol

受影響套件(2)

• Go/github.com/apache/trafficcontrol>= 6.0.0, < 6.1.0
• Go/github.com/apache/trafficcontrolfrom 0, < 5.1.6+incompatible, >= 6.0.0+incompatible, < 6.1.0+incompatible

CVSS 分數

參考連結(3)

• ADVISORYhttps://github.com/advisories/GHSA-wp47-9r3h-xfgq
• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-23206
• WEBhttps://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f