CVE-2018-1301

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.

We have discovered 1,266,713 live websites that are affected by CVE-2018-1301.

Test my site



Affected Software

Product  Apache
Category Web Servers
Vulnerable Domains1,266,713 live websites (40.15% of Apache install base)
Vulnerable Versions
  • from 0 before 2.4.30
Vulnerable Versions Count115 versions ( 78.23% of all versions)



Details

  • Published - Mar 26, 2018
  • Updated - Sep 16, 2024

CVE-2018-1301 usage by Country

United States369,437 websites


Germany134,514 websites
Taiwan110,086 websites
France69,675 websites
Japan56,421 websites
Russia52,343 websites
Netherlands46,729 websites
Czech Republic36,077 websites
Singapore35,112 websites
Italy27,475 websites

CVE-2018-1301 usage by TLD

.com515,290 websites
.de92,784 websites
.net52,143 websites
.org50,100 websites
.ru45,598 websites
.nl33,721 websites
.cz29,556 websites
.it26,263 websites
.fr20,334 websites
.co.uk19,297 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2018-1301

Top websites that are affected by CVE-2018-1301. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*****.***********.com Canada***
*********.*************.se United States***
***********.org United States***
*********.net United States***
********.*********.com Singapore*,***
***.****.us United States*,***
******************.com United States*,***
*********.******.net United States*,***
****.com United States*,***
********.com United States*,***
See full domain list

FAQ

A total of 1,266,713 websites have been identified as vulnerable to CVE-2018-1301, discovered through global website indexing conducted by WebTechSurvey.
Apache is susceptible to CVE-2018-1301 vulnerability.
Apache versions before 2.4.30 are vulnerable to CVE-2018-1301.
Version 2.4.30 of Apache addresses the CVE-2018-1301 security vulnerability.

References