CVE-2018-16845

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 07-11-2018 03:29

Last modified: - 22-02-2022 08:27

Total changes: - 5

Description

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

Low

Confidentiality

None

Integrity

None

Privileges required

Unchanged

Scope

Required

User interaction

6.1

Base score

1.8

4.2

Exploitability score

Impact score

Verification logic

vendor=f5 AND product=NGINX AND versionEndIncluding=1.0.15 AND versionStartIncluding=1.0.7

vendor=f5 AND product=NGINX AND versionEndIncluding=1.15.5 AND versionStartIncluding=1.1.3

vendor=Debian AND product=debian_linux AND version=8.0

vendor=Debian AND product=debian_linux AND version=9.0

vendor=canonical AND product=ubuntu_linux AND version=14.04 AND software_edition=esm

vendor=canonical AND product=ubuntu_linux AND version=16.04 AND software_edition=lts

vendor=canonical AND product=ubuntu_linux AND version=18.04 AND software_edition=lts

vendor=canonical AND product=ubuntu_linux AND version=18.10

vendor=opensuse AND product=leap AND version=15.1

vendor=apple AND product=xcode AND versionEndExcluding=13.0

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845
http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
USN-3812-1-Patch, Third Party Advisory
1042039-Third Party Advisory, VDB Entry
DSA-4335-Third Party Advisory
[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update-Mailing List, Third Party Advisory
105868-Third Party Advisory, VDB Entry
RHSA-2018:3653-Third Party Advisory
RHSA-2018:3652-Third Party Advisory
RHSA-2018:3681-Third Party Advisory
RHSA-2018:3680-Third Party Advisory
openSUSE-SU-2019:2120-Mailing List, Third Party Advisory
https://support.apple.com/kb/HT212818
20210921 APPLE-SA-2021-09-20-4 Xcode 13-Mailing List, Third Party Advisory

Keywords

CVE-2018-16845

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2018-16845

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures