CVE-2018-11783
HIGH7.5EPSS 1.1%發布日:2019/3/7修改日:2026/4/28
也稱為:DEBIAN-CVE-2018-11783
描述
sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1.
受影響套件(1)
- Debian/trafficserverfrom 0, < 8.0.2+ds-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |