{"id":"CVE-2020-9481","details":"Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulnerable to a HTTP/2 slow read attack.","modified":"2026-04-11T23:13:36.807585Z","published":"2020-04-27T22:15:12.457Z","references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4672"},{"type":"FIX","url":"https://lists.apache.org/thread.html/r21ddaf0a4a973f3c43c7ff399ae50d2f858f13f87bd6a9551c5cf6db%40%3Cannounce.trafficserver.apache.org%3E"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/trafficserver","events":[{"introduced":"27f8e2cda9133864e6ffae0224c799fde5f10290"},{"last_affected":"eaed59510bda6f1d27854d9d3f07aace2afffc16"},{"introduced":"6c1c6cf20e7d0e287d697a0f4181436013d17c30"},{"last_affected":"61e631ac4e12ad283fc796b01ec56fb5442d3e62"},{"introduced":"b310e3566f58dd04ec2b15b111ec86ea70e20019"},{"last_affected":"bcc92eeca744b07500d6dd3b6b9a222a968fe8fa"},{"introduced":"0"},{"last_affected":"3fa146678bc6a061722f4ea930998ae29ad70de3"}],"database_specific":{"extracted_events":[{"introduced":"6.0.0"},{"last_affected":"6.2.3"},{"introduced":"7.0.0"},{"last_affected":"7.1.9"},{"introduced":"8.0.0"},{"last_affected":"8.0.6"},{"introduced":"0"},{"last_affected":"10.0"}],"source":"CPE_FIELD","cpe":["cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"]}}],"versions":["10.0.0","10.0.0-rc0","3.1.2","3.3.0","3.3.1","6.2.0","6.2.0-rc0","6.2.0-rc1","6.2.0-rc2","6.2.0-rc3","6.2.1","6.2.1-rc0","6.2.2","6.2.2-rc0","6.2.3","6.2.3-rc0","7.1.0","7.1.0-rc0","7.1.0-rc1","7.1.1","7.1.1-rc0","7.1.1-rc1","7.1.2","7.1.2-rc0","7.1.2-rc1","7.1.2-rc2","7.1.2-rc3","7.1.2-rc4","7.1.3","7.1.3-rc0","7.1.4","7.1.4-rc0","7.1.4-rc1","7.1.5","7.1.5-rc0","7.1.5-rc1","7.1.6","7.1.6-rc0","7.1.6-rc1","7.1.7","7.1.7-rc0","7.1.8","7.1.9","7.1.9-rc0","7.1.9-rc1","7.1.9-rc2","8.0.0","8.0.0-rc4","8.0.1","8.0.1-rc0","8.0.2","8.0.2-rc0","8.0.3","8.0.3-rc0","8.0.4","8.0.4-rc0","8.0.5","8.0.6","8.0.6-rc0","8.0.6-rc1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-9481.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}