ID CVE-2018-1330
Summary When parsing a malformed JSON payload, libprocess in Apache Mesos versions 1.4.0 to 1.5.0 might crash due to an uncaught exception. Parsing chunked HTTP requests with trailers can lead to a libprocess crash too because of the mistakenly planted assertion. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable.
Vulnerable Configurations
Base: None
refmap via4
mlist [dev] 20180913 CVE-2018-1330: Libprocess might crash when decoding malformed HTTP requests or malformed JSON payload.
Last major update 13-09-2018 - 15:29
Published 13-09-2018 - 15:29
Last modified 13-09-2018 - 15:29
Back to Top