{"id":"CVE-2017-7671","details":"There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.","modified":"2026-04-10T04:00:58.377543Z","published":"2018-02-27T20:29:00.450Z","references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/203bdcf9bbb718f3dc6f7aaf3e2af632474d51fa9e7bfb7832729905%40%3Cdev.trafficserver.apache.org%3E"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4128"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/trafficserver","events":[{"introduced":"cad13d9c6fa6454f7bd3664bdae7e1a91a871e94"},{"last_affected":"cc74be0788e14bb1b22edace392817048ea31011"},{"introduced":"0"},{"last_affected":"a57be23251358e6ac97442ebde3dae8d95d94846"},{"introduced":"0"},{"last_affected":"6c1c6cf20e7d0e287d697a0f4181436013d17c30"},{"introduced":"0"},{"last_affected":"b14030656330ed623cd1f9efe2f4f9abd9d16e29"}],"database_specific":{"versions":[{"introduced":"5.2.0"},{"last_affected":"5.3.2"},{"introduced":"0"},{"last_affected":"6.2.0"},{"introduced":"0"},{"last_affected":"7.0.0"},{"introduced":"0"},{"last_affected":"9.0"}]}}],"versions":["3.1.2","3.3.0","3.3.1","5.3.0","5.3.0-rc0","5.3.0-rc1","5.3.0-rc2","5.3.0-rc3","5.3.1","5.3.1-rc0","5.3.2","5.3.2-rc0","5.3.2-rc1","6.2.0","6.2.0-rc0","6.2.0-rc1","6.2.0-rc2","6.2.0-rc3","7.0.0","7.0.0-rc0","7.0.0-rc1","7.0.0-rc2","9.0.0","9.0.0-rc0","9.0.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7671.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}