PT-2026-29792 · Apache · Apache Traffic Server
Published
2026-04-02
·
Updated
2026-05-22
·
CVE-2025-58136
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Apache Traffic Server versions 10.0.0 through 10.1.1, and versions 9.0.0 through 9.2.12
Description
A flaw in how POST requests are processed can lead to a system crash.
Recommendations
Upgrade to version 10.1.2
Upgrade to version 9.2.13
Set
proxy.config.http.request buffer enabled to 0Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Traffic Server