Lucene search

K

[email protected]NVD:CVE-2018-25103

HistoryJun 17, 2024 - 6:15 p.m.

CVE-2018-25103

2024-06-1718:15:12

[email protected]

web.nvd.nist.gov

3

vulnerability

lighttpd

case-insensitive comparison

reused pointer

0.0004 Low

EPSS

Percentile

15.7%

There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.

References

blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736

github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8

github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9

www.runzero.com/blog/lighttpd/

0.0004 Low

EPSS

Percentile

15.7%

Related for NVD:CVE-2018-25103

cve1 ubuntucve1 osv1 debiancve1 cvelist1