|Date: (C)2017-10-30 (M)2017-11-14|
|CVSS Score: 4.7||Access Vector: |
|Exploitability Subscore: ||Access Complexity: |
|Impact Subscore: ||Authentication: |
| ||Confidentiality: |
| ||Integrity: |
| ||Availability: |
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.