VYPR
High severity7.5NVD Advisory· Published Aug 18, 2018· Updated Jun 17, 2026

CVE-2018-15504

CVE-2018-15504

Description

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.