{"id":"CVE-2020-17508","details":"The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.","modified":"2026-03-14T10:19:30.709319Z","published":"2021-01-11T10:15:13.343Z","references":[{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/r65434f7acca3aebf81b0588587149c893fe9f8f9f159eaa7364a70ff%40%3Cannounce.trafficserver.apache.org%3E"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/trafficserver","events":[{"introduced":"27f8e2cda9133864e6ffae0224c799fde5f10290"},{"last_affected":"eaed59510bda6f1d27854d9d3f07aace2afffc16"},{"introduced":"6c1c6cf20e7d0e287d697a0f4181436013d17c30"},{"last_affected":"50d569d13cfa3bf7328e2483380794507ad8e24b"},{"introduced":"b310e3566f58dd04ec2b15b111ec86ea70e20019"},{"last_affected":"72c03baa83e0736e4d3fc90880642c2f5593ecf2"}],"database_specific":{"versions":[{"introduced":"6.0.0"},{"last_affected":"6.2.3"},{"introduced":"7.0.0"},{"last_affected":"7.1.11"},{"introduced":"8.0.0"},{"last_affected":"8.1.0"}]}}],"versions":["8.0.0","8.0.0-rc4","8.0.1","8.0.1-rc0","8.0.2","8.0.2-rc0","8.0.3","8.0.3-rc0","8.0.4","8.0.4-rc0","8.0.5","8.0.6","8.0.6-rc0","8.0.6-rc1","8.1.0","8.1.0-rc0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17508.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}