{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T05:29:53.304","vulnerabilities":[{"cve":{"id":"CVE-2018-1318","sourceIdentifier":"security@apache.org","published":"2018-08-29T13:29:01.687","lastModified":"2024-11-21T03:59:36.967","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. This affects versions Apache Traffic Server (ATS) 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions."},{"lang":"es","value":"La adición de métodos de listas de control de acceso en remap.config puede provocar un segfault cuando el usuario realiza una petición cuidadosamente manipulada. Esto afecta a Apache Traffic Server (ATS) desde la versión 6.0.0 hasta la 6.2.2 y desde la versión 7.0.0 hasta la 7.1.3. Para resolver este problema, los usuarios que ejecutan las versiones 6.x deberían actualizar a la versión 6.2.3 o siguientes; mientras que los usuarios de versiones 7.x deberían actualizar a la versión 7.1.4 o siguientes."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.2.2","matchCriteriaId":"72C208E2-310B-4880-B974-1D5AF04E3990"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.1.3","matchCriteriaId":"6B3144FE-55AE-4B27-8B05-C240E8AC4A2B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105176","source":"security@apache.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/apache/trafficserver/pull/3195","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/9357cdfb6352f72944411608b712e37196ad9e4bc0f17c4828a26fb2%40%3Cusers.trafficserver.apache.org%3E","source":"security@apache.org"},{"url":"https://www.debian.org/security/2018/dsa-4282","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/105176","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/apache/trafficserver/pull/3195","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/9357cdfb6352f72944411608b712e37196ad9e4bc0f17c4828a26fb2%40%3Cusers.trafficserver.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2018/dsa-4282","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}