CVE-2018-12684

Published June 22nd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

5.8

MEDIUM

Affected

PROJECT

Description

Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.

civetweb/civetweb

Embedded C/C++ web server

GitHub

3.4K