CVE-2018-1303 vulnerability in Apache and Other Products
Published on March 26, 2018

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-1303

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-1303 are published in these products:

Apache HTTP Server

NetApp Santricity Cloud Connector

NetApp Storagegrid

NetApp Storage Automation Store

Canonical Ubuntu Linux

Debian Linux

NetApp Clustered Data Ontap

Affected Versions

Apache Software Foundation Apache HTTP Server Version 2.4.5 to 2.4.29 is affected by CVE-2018-1303

Exploit Probability

EPSS

40.14%

Percentile

97.28%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1303 vulnerability in Apache and Other ProductsPublished on March 26, 2018

Products Associated with CVE-2018-1303

Affected Versions

Exploit Probability

CVE-2018-1303 vulnerability in Apache and Other Products
Published on March 26, 2018