{"schema_version": "1.6.1", "id": "CVE-2020-17509", "summary": "Apache Traffic Server negative cache option is vulnerable to a cache poisoning attack", "details": "Apache Traffic Server negative cache option is vulnerable to a cache poisoning attack affecting versions 6.0.0 through 6.2.3, 7.0.0 through 7.1.10, and 8.0.0 through 8.0.7.  If you have this option enabled, please upgrade or disable this feature.\n", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "Apache Traffic Server"}, {"last_affected": "Apache Traffic Server"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread.html/raa9f0589c26c4d146646425e51e2a33e1457492df9f7ea2019daa6d3%40%3Cdev.trafficserver.apache.org%3E"}]}