CVE-2018-1302 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Denial of service
Description	When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-664	apache	2.4.29-1	2.4.33-1	Medium	Fixed

Date	Advisory	Group	Package	Severity	Type
04 Apr 2018	ASA-201804-4	AVG-664	apache	Medium	multiple issues