VDB
CVE-2019-12527
CVE-2019-12527
PUBLISHED
Es existiert eine Puffer Überlauf Schwachstelle in Squid. Diese beruht auf einer fehlerhaften Speicherverwaltung und tritt auf, wenn HTTP Authentisierungsmerkmale verarbeitet werden. Ein Angreifer kann dieses nutzen und möglicherweise beliebigen Programmcode zur Ausführung bringen.
EPSS 12.16% · 94.0th percentile
Risk Scores
EPSS Score
12.16%
94.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source CentOS | |
| Open Source | Open Source Arch Linux | |
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux | |
| Amazon | Amazon Linux 2 | |
| Debian | Debian Linux |
Exploit Intelligence
- Basic Authentication Heap Overflow (hackerone)
- Basic Authentication Heap Overflow (hackerone)
- Basic Authentication Heap Overflow (hackerone)
Timeline
- CVE Published
- Apr 14, 2021 EPSS Score
- Aug 26, 2021 PoC Published
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Aug 20, 2023 EPSS Score
- Apr 30, 2024 EPSS Score
- Feb 27, 2025 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 22, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- Apr 13, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-2486.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2486 advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2318.html advisory
- https://alas.aws.amazon.com/AL2/ALASSQUID4-2023-007.html advisory
- https://alas.aws.amazon.com/AL2/ALASSQUID4-2023-008.html advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_5.txt advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_3.txt advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_2.txt advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_1.txt advisory
- https://security.archlinux.org/ASA-201907-5 advisory
- https://usn.ubuntu.com/4065-1/ advisory
- https://usn.ubuntu.com/4065-2/ advisory
- https://www.suse.com/support/update/announcement/2019/suse-su-20192089-1.html advisory
- https://www.suse.com/support/update/announcement/2019/suse-su-20192089-2.html advisory
- https://www.debian.org/security/2019/dsa-4507 advisory
- https://access.redhat.com/errata/RHSA-2019:2593 advisory
- http://linux.oracle.com/errata/ELSA-2019-2593.html advisory
- http://lists.suse.com/pipermail/sle-security-updates/2019-November/006141.html advisory
- https://usn.ubuntu.com/4213-1/ advisory
- https://access.redhat.com/errata/RHSA-2020:2040 advisory
…and 6 more