DEBIAN-CVE-2018-8011

DEBIAN-CVE-2018-8011 PUBLISHED CVSS 7.5 HIGH

By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	apache2	0, 0, 0
Debian:14	apache2	0, 0, 0
Debian:13	apache2	0, 0, 0
Debian:12	apache2	0, 0, 0

Timeline

Jul 18, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-8011 advisory

Open in Interactive Console →