{"schema_version": "1.6.1", "id": "CVE-2020-17508", "summary": "Apache Traffic Server ESI plugin has a memory disclosure vulnerability", "details": "The ESI plugin in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.11, and 8.0.0 to 8.1.0 has a memory disclosure vulnerability.  If you are running the plugin please upgrade to 7.1.12 or 8.1.1 or later.\n", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "Apache Traffic Server"}, {"last_affected": "Apache Traffic Server"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread.html/r65434f7acca3aebf81b0588587149c893fe9f8f9f159eaa7364a70ff%40%3Cdev.trafficserver.apache.org%3E"}]}