CVE-2019-12519

Published: 15/04/2020 Updated: 11/02/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An issue exists in Squid up to and including 4.7. When handling the esi:when tag with ESI enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it is being evaluated. When processing the expression, it either evaluates the top of the stack or adds a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
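
The missing check described above, shown in a simplified C model of a fixed-capacity evaluation stack. This is an added example, not Squid's code; the names, the capacity of 8 and the token encoding are assumptions made for illustration.

```c
#include <stddef.h>

#define EXPR_STACK_CAP 8   /* hypothetical fixed capacity of the evaluation stack */
#define OP_ADD (-1)        /* hypothetical operator token; any other value is a literal */

typedef struct {
    int items[EXPR_STACK_CAP];
    size_t depth;
} expr_stack;

/* The flawed pattern: no capacity check, so once depth == EXPR_STACK_CAP
 * the store lands outside items[]. Shown for contrast only; never called. */
void push_unchecked(expr_stack *s, int v)
{
    s->items[s->depth++] = v;
}

/* Hardened form: refuse the push when the buffer is full. */
int push_checked(expr_stack *s, int v)
{
    if (s->depth >= EXPR_STACK_CAP)
        return -1;
    s->items[s->depth++] = v;
    return 0;
}

/* Each token either reduces the top of the stack or adds a new member.
 * Returns 0 and stores the value in *result, or -1 if the expression is
 * malformed or nests deeper than the stack allows. */
int evaluate(const int *tokens, size_t n, int *result)
{
    expr_stack s = { {0}, 0 };
    for (size_t i = 0; i < n; i++) {
        if (tokens[i] == OP_ADD) {
            if (s.depth < 2)
                return -1;                      /* operator without two operands */
            s.items[s.depth - 2] += s.items[s.depth - 1];
            s.depth--;
        } else if (push_checked(&s, tokens[i]) != 0) {
            return -1;                          /* too deep: reject, do not write */
        }
    }
    if (s.depth != 1)
        return -1;
    *result = s.items[0];
    return 0;
}
```

Rejecting the whole expression on a failed push keeps the parser fail-closed: an over-deep input produces an error rather than a partial evaluation.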

Vulnerable Product

squid-cache squid

debian debian linux 9.0

debian debian linux 10.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 19.10

canonical ubuntu linux 20.04

opensuse leap 15.1

Vendor Advisories

Several security issues were fixed in Squid ...
Multiple security issues were discovered in the Squid proxy caching server, which could result in the bypass of security filters, information disclosure, the execution of arbitrary code or denial of service. For the stable distribution (buster), these problems have been fixed in version 4.6-1+deb10u2. We recommend that you upgrade your squid packag ...
Synopsis: Important: squid:4 security update. Type/Severity: Security Advisory: Important. Topic: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) ...
Synopsis: Important: squid:4 security update. Type/Severity: Security Advisory: Important. Topic: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabil ...
Synopsis: Important: squid:4 security update. Type/Severity: Security Advisory: Important. Topic: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common ...
Synopsis: Important: squid security update. Type/Severity: Security Advisory: Important. Topic: An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, whi ...
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of ...
A flaw was found in Squid through version 4.7. When handling the tag esi:when, when ESI is enabled, Squid calls the ESIExpression::Evaluate function which uses a fixed stack buffer to hold the expression. While processing the expression, there is no check to ensure that the stack won't overflow. The highest threat from this vulnerability is to data ...
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding ...
A stack-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2, where a crafted ESI response sent from an upstream server can overwrite arbitrary attacker controlled information onto the process stack ...