CVE-2018-25103

Summary

There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.

Affected Software

VendorProductVersion RangeStatus
lighttpdlighttpd* <= 1.4.50affected

Weaknesses

  • CWE-416: Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References