CVE-2018-1318
HIGH7.5EPSS 14.6%trafficserver - security update
Published: 8/29/2018Modified: 4/28/2026
Description
Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. This affects versions Apache Traffic Server (ATS) 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.
Affected packages (2)
- Debian/trafficserverfrom 0, < 7.1.4+ds-1
- Debian/trafficserverfrom 0, < 7.0.0-6+deb9u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |