{"id":"CVE-2018-25103","details":"There exist use-after-free vulnerabilities in lighttpd \u003c= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.","modified":"2026-04-11T14:54:40.938170Z","published":"2024-06-17T18:15:12.650Z","references":[{"type":"WEB","url":"https://www.kb.cert.org/vuls/id/312260"},{"type":"WEB","url":"https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf"},{"type":"FIX","url":"https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9"},{"type":"FIX","url":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"},{"type":"ARTICLE","url":"https://www.runzero.com/blog/lighttpd/"},{"type":"ARTICLE","url":"https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lighttpd/lighttpd1.4","events":[{"introduced":"0"},{"fixed":"d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"}]},{"type":"GIT","repo":"https://github.com/lighttpd/lighttpd1.4","events":[{"introduced":"0"},{"fixed":"df8e4f95614e476276a55e34da2aa8b00b1148e9"}]},{"type":"GIT","repo":"https://github.com/lighttpd/lighttpd1.4","events":[{"introduced":"0"},{"fixed":"d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"}]},{"type":"GIT","repo":"https://github.com/lighttpd/lighttpd1.4","events":[{"introduced":"0"},{"fixed":"df8e4f95614e476276a55e34da2aa8b00b1148e9"}]}],"versions":["lighttpd-1.3.11","lighttpd-1.3.12","lighttpd-1.3.13","lighttpd-1.3.14","lighttpd-1.3.15","lighttpd-1.3.16","lighttpd-1.4.1","lighttpd-1.4.2","lighttpd-1.4.25","lighttpd-1.4.26","lighttpd-1.4.27","lighttpd-1.4.28","lighttpd-1.4.29","lighttpd-1.4.3","lighttpd-1.4.30","lighttpd-1.4.31","lighttpd-1.4.32","lighttpd-1.4.33","lighttpd-1.4.34","lighttpd-1.4.35","lighttpd-1.4.36","lighttpd-1.4.36--rc1","lighttpd-1.4.37","lighttpd-1.4.38","lighttpd-1.4.39","l
ighttpd-1.4.4","lighttpd-1.4.40","lighttpd-1.4.41","lighttpd-1.4.42","lighttpd-1.4.43","lighttpd-1.4.44","lighttpd-1.4.45","lighttpd-1.4.46","lighttpd-1.4.47","lighttpd-1.4.48","lighttpd-1.4.49","lighttpd-1.4.5","lighttpd-1.4.50","lighttpd-1.4.6","lighttpd-1.4.7"],"database_specific":{"vanir_signatures":[{"id":"CVE-2018-25103-156e1352","source":"https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9","deprecated":false,"target":{"file":"src/request.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["246009349473333614023047990629878126184","204367143214497225342545567715357513016","295564844293388981181312915944033587449","189899803973884612364814741717748161115","115051299043930959133182371684246260671","151731225488274849014964797005327183953","316506911302985549852842593606769908345","131717849578051332685159454207601584847","14465564875885446660250879385190366042","147344715412917341967159941672153693207","261132700868379521276670937091578035944","62869677652853722364966417283110919434","271911161642191057285790971507630950366","187525521267276666418818816345361422279","148239379363989624651189924280992651619","262060769690341946469686030152278625217","88222814242384881596564085148518062172","113116468545771878739517769305180843284","66378793959045032992415855950187724807","18390417561985779762068001932409962933","236835403693246056554500459813990785594","8512656030326554608988583948733707467","198287876916796102868389336284597915555","87184171799293286529109014535113540374","338915026269405791816508404690288702128","25238069949692652510731814353211862591","203465355310772320516303124005033448593","125134071828649013114472632034119510899","28616384078005203753751886390927249161","307045056303614966910510540730075535946","170938519785467886067882470415518820860","163508836285916582959162061739341761653","134806057608229436438742313089790249595","97224520087897506533756810770680120638","219587869896038038224987947
673181843730","118261778764159770871265901734770783181","39898007040991967715719042334063462517","111857727771216734507405860024361975538","118442132250424325521920380203318146748","76299610821621269799609492925867909978","189037560652621164687510775446502069446","115216486835995829218610278306355311523","86597735928569425495902886228980888530","214231761749614652346827723860898185272","228353037382788085377129088099151105391","79123115429547849361253552526602949631","219451594525769243927823857444486713218","332917171192048007246434143317261855372","323831840183634838376336691957325852910","175064937704203903912802914170333833985","47119220901633313646421102760659484056","298740960392813188296303240406074399457","155479057612620892352595334326615920754","212285567173521423268834408543668579738","291595000097575603875717693203724237205"]},"signature_version":"v1"},{"id":"CVE-2018-25103-3f5d0072","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/http-header-glue.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["251419104428642506513878925132615769665","107658503189526638487775156688144153740","148111985143560013314764364642123109013","164278442705083032519547972246199035495","189841354512426474495408647400530105338","246287297565924739399841748832012230872","141640914743367127741346672830812295720","243997451393686329416024536776669952700","327497186625378233986754629147472774874","163757015661311440026234297865801912721","202054677114986033339742501907986980837","330874628087232810730692099792109562844","311208252611442397559032815228654746511","39645001135290814000954122764748331607","100988980291172329814889118979971177021","244786690472804430725134260383322524918","160186299274877614151680114010088089409","38988790665015417835685565749664112458","223156449317656127415954578706734045681","160186299274877614151680114010088089409","11032876451536270356687380
1335033067222","45276379943680408658578557971317704152","133810087396102125449528548690342811691","216368499095294677028192449837137462898","75334102497205901735653971918310657147","160186299274877614151680114010088089409","38988790665015417835685565749664112458","223156449317656127415954578706734045681","219097455896383551781849344984483285075","31933626973629210342445841152711128960","82168198710473160438929167281735131841","158446896987921723071957158074728656491","230142805415263255038717694120503945608","109244796347332379893918417433374203139","127479511771547748483202662154862062748","216033807631488883627822031014693402959","270378600107417109374722548291316254779","202701833550604229564413816542760665001","67384462653963801788922786828752361066","21158502973842483622426877592214639425","333209533432479642197976417520170457423","154649062027771839384032334378380358099","101310082029172041445198055776359629484"]},"signature_version":"v1"},{"id":"CVE-2018-25103-43a1eb52","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/base.h"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["200247613657499969346083858666223119770","121085043153592585019959928074540125862","72176461814164674813900888259527721985","337102870355667494584185751593931068354","79156242311697088538541012648895668635","226239212853724876986513899763216884821","287185265177931213981007181026058222358","252972807828314563289279016330648104503"]},"signature_version":"v1"},{"id":"CVE-2018-25103-66415166","source":"https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9","deprecated":false,"target":{"file":"src/request.c","function":"http_request_parse"},"signature_type":"Function","digest":{"length":14263,"function_hash":"146130499813709236720775407456275584578"},"signature_version":"v1"},{"id":"CVE-2018-25103-6b75f995","source":"https://github.com/lighttpd/lighttpd
1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/t/test_request.c","function":"test_request_http_request_parse"},"signature_type":"Function","digest":{"length":11760,"function_hash":"29706367145274578055571171384380664002"},"signature_version":"v1"},{"id":"CVE-2018-25103-8186e511","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/http-header-glue.c","function":"http_response_parse_range"},"signature_type":"Function","digest":{"length":3460,"function_hash":"76245113936378622864694779741242517289"},"signature_version":"v1"},{"id":"CVE-2018-25103-83834615","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/http-header-glue.c","function":"http_response_send_file"},"signature_type":"Function","digest":{"length":3116,"function_hash":"221906203987415132133584530247049485373"},"signature_version":"v1"},{"id":"CVE-2018-25103-8c7d1925","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/request.c","function":"http_request_parse"},"signature_type":"Function","digest":{"length":19929,"function_hash":"328007060334241126757620599833701877701"},"signature_version":"v1"},{"id":"CVE-2018-25103-91d5043a","source":"https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9","deprecated":false,"target":{"file":"src/request.c","function":"parse_single_header"},"signature_type":"Function","digest":{"length":3567,"function_hash":"103008511146208820322382114135648299078"},"signature_version":"v1"},{"id":"CVE-2018-25103-cdfa0169","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/request.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["311971734691
968895430555204295977136171","15463213677373329122338378937004150702","38153316448421845205586647894731534933","236432753107368975993417802196679370363","338927737123467289417414645855208336140","234644194591774290101884827044504776603","157011037328277293402130836716294070904","289781592735138414921659999302089739349","276124982124907471228717257817770104919","171594515939049573951138926479540520554","272123244621778087407732169313628584659","294283965581096884510919418587194977337","78047940835101195270700255169265585664","164789924174319805496850698534553219050","331849661840802697303385943466444429924","74969359178773229269363299277511078640","294615269763147315127635840627739538315","324420782635837211685623121963747477602","119004712402432048571049510490118956831","106773605300392219248823075769290832970","226101206725641956418392697000662644099","128278406523854211409274585814618471917"]},"signature_version":"v1"},{"id":"CVE-2018-25103-d52c3c67","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/connections.c","function":"connection_reset"},"signature_type":"Function","digest":{"length":1331,"function_hash":"75792027933325015571889346342640614378"},"signature_version":"v1"},{"id":"CVE-2018-25103-d909d053","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/connections.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["312420482691617511804764380432116282174","288666784513994140313097690398994477412","82740078044491109969167001493723272933","240555472601177094018999564907929284560"]},"signature_version":"v1"},{"id":"CVE-2018-25103-ed56f7ec","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/t/test_request.c","function":"test_request_connection_reset"},"signature_type":"Function","
digest":{"length":745,"function_hash":"313096109300505158287153404755879153085"},"signature_version":"v1"},{"id":"CVE-2018-25103-f68c795b","source":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","deprecated":false,"target":{"file":"src/t/test_request.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["61065783542386273751226985912522548663","199591936520713475241925356871821241423","154503735776718921041640891892690161329","35428198664257262347161965006574756695","70646320648525484181545971001681919593","131880999906443683768121202223126712334","212737294047137254940186939900839204115","101319272265461638428041169804087354319","138376482804546605994640066871959248882","14918870188546391539663108946590732124","213371392878979281925786413764169078564"]},"signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-25103.json","vanir_signatures_modified":"2026-04-11T14:54:40Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}