Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-11793

When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.1, 1.6.0 to 1.6.1, and 1.7.0 might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2018-11793
  • Apache » Mesos » Version: 1.4.0
    cpe:2.3:a:apache:mesos:1.4.0
  • Apache » Mesos » Version: 1.4.1
    cpe:2.3:a:apache:mesos:1.4.1
  • Apache » Mesos » Version: 1.4.2
    cpe:2.3:a:apache:mesos:1.4.2
  • Apache » Mesos » Version: 1.5.0
    cpe:2.3:a:apache:mesos:1.5.0
  • Apache » Mesos » Version: 1.5.1
    cpe:2.3:a:apache:mesos:1.5.1
  • Apache » Mesos » Version: 1.6.0
    cpe:2.3:a:apache:mesos:1.6.0
  • Apache » Mesos » Version: 1.6.1
    cpe:2.3:a:apache:mesos:1.6.1
  • Apache » Mesos » Version: 1.7.0
    cpe:2.3:a:apache:mesos:1.7.0
  • Apache » Mesos » Version: 1.8.0
    cpe:2.3:a:apache:mesos:1.8.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved