Lucene search
ApacheCVELIST:CVE-2018-11783HistoryFeb 12, 2019 - 12:00 a.m.
CVE-2018-11783
2019-02-1200:00:00
apache
www.cve.org
0.001 Low
EPSS
Percentile
23.5%
sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn’t strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1.
CNA Affected
[
{
"product": "Apache Traffic Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Traffic Server 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, 8.0.0 to 8.0.1"
}
]
}
]Related
osv
osv
CVE-2018-11783
2019-03-07 18:29:00
prion
prion
Cross site request forgery (csrf)
2019-03-07 18:29:00
openvas
openvas
Apache Traffic Server (ATS) sslheader Plugin Vulnerability
2019-02-14 00:00:00
ubuntucve
ubuntucve
CVE-2018-11783
2019-03-07 00:00:00
cve
cve
CVE-2018-11783
2019-03-07 18:29:00
veracode
veracode
Information Disclosure
2020-12-06 04:22:45
nvd
nvd
CVE-2018-11783
2019-03-07 18:29:00
debiancve
debiancve
CVE-2018-11783
2019-03-07 18:29:00