mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.0 KiB
1.0 KiB
CVE-2025-31698
Description
ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol.Users can use a new setting (proxy.config.acl.subjects) to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects undefined: from 10.0.0 through 10.0.6, from 9.0.0 through 9.2.10.Users are recommended to upgrade to version 9.2.11 or 10.0.6, which fixes the issue.
POC
Reference
No PoCs from references.