📦 Traffic Control

An SQL injection vulnerability in Apache Traffic Control's Traffic Ops component allows authenticated users with specific privileged roles (admin, federation, operations, portal, or steering) to execu...

CVE-2021-43350 is an LDAP injection vulnerability in Apache Traffic Control Traffic Ops that allows unauthenticated attackers to manipulate LDAP filters through specially-crafted usernames. This can l...

This CVE describes an Inefficient Regular Expression Complexity (ReDoS) vulnerability in Apache Traffic Control's Traffic Router management interface. Attackers with access to this interface can craft...

This vulnerability allows unprivileged users to perform port scanning on internal networks via Apache Traffic Control Traffic Ops. Attackers can send specially crafted POST requests to the /user/login...