A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2018-03-26T15:00:00Z
Updated: 2024-09-16T17:22:56.161Z
Reserved: 2017-12-07T00:00:00
Link: CVE-2018-1301
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-03-26T15:29:00.430
Modified: 2024-11-21T03:59:34.537
Link: CVE-2018-1301
Redhat