CVE-2018-1333
Description
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33).
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
15.119
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update Apache to version 2.4.34 | Windows |
| Vulnerabilities CVE-2018-1333 are fixed in Apache 2.4.34 | Windows |
| Apache HTTP server (USN-3783-1) apache2-bin_2.4.29-1ubuntu4.4_i386.deb | Linux |
| Apache HTTP server (USN-3783-1) apache2-bin_2.4.29-1ubuntu4.4_amd64.deb | Linux |
| Update Apache to version 2.4.34 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234