{"schema_version": "1.6.1", "id": "CVE-2022-31778", "summary": "Transfer-Encoding not treated as hop-by-hop", "details": "Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache.  This issue affects Apache Traffic Server 8.0.0 to 9.0.2.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "8.0.0 to 9.0.2"}, {"last_affected": "8.0.0 to 9.0.2"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21"}]}