National Cyber Warfare Foundation (NCWF)

CVE-2025-49763 Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin
0 user ratings		2025-06-21 00:47:15
milo
Blue Team (CND)

Remote attackers can trigger an avalanche of internal ESI requests, exhausting memory and causing denial-of-service in Apache Traffic Server. Executive Summary Imperva’s Offensive Security Team discovered CVE-2025-49763, a high-severity vulnerability (CVSS v3.1 estimated score: 7.5) in Apache Traffic Server’s ESI plugin that enables unauthenticated attackers to exhaust memory and potentially crash proxy nodes. Given ATS’s […]


The post CVE-2025-49763 – Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin appeared first on Blog.


The post CVE-2025-49763 – Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin appeared first on Security Boulevard.



Yohann Sillam

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/06/cve-2025-49763-remote-dos-via-memory-exhaustion-in-apache-traffic-server-via-esi-plugin/?utm_source=rss&utm_medium=rss&utm_campaign=cve-2025-49763-remote-dos-via-memory-exhaustion-in-apache-traffic-server-via-esi-plugin

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.