VDB
CVE-2019-12854
CVE-2019-12854
PUBLISHED
Es existiert eine Schwachstelle in Squid. Dies befindet sich im cachemgr.cgi und beruht auf einer Nutzung von nicht initialisiertem Speicher. Ein Angreifer mit Zugriff auf die Squid Manager API kann dieses nutzen und den CGI Prozess zum Absturz bringen.
EPSS 38.05% · 97.3th percentile
Risk Scores
EPSS Score
38.05%
97.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux | |
| Debian | Debian Linux | |
| Open Source | Open Source Arch Linux | |
| Amazon | Amazon Linux 2 | |
| Open Source | Open Source CentOS | |
| Oracle | Oracle Linux | |
| Ubuntu | Ubuntu Linux | |
| SUSE | SUSE Linux |
Timeline
- Jul 14, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- May 13, 2023 EPSS Score
- Jul 14, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-2486.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2486 advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2318.html advisory
- https://alas.aws.amazon.com/AL2/ALASSQUID4-2023-007.html advisory
- https://alas.aws.amazon.com/AL2/ALASSQUID4-2023-008.html advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_5.txt advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_3.txt advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_2.txt advisory
- http://www.squid-cache.org/Advisories/SQUID-2019_1.txt advisory
- https://security.archlinux.org/ASA-201907-5 advisory
- https://usn.ubuntu.com/4065-1/ advisory
- https://usn.ubuntu.com/4065-2/ advisory
- https://www.suse.com/support/update/announcement/2019/suse-su-20192089-1.html advisory
- https://www.suse.com/support/update/announcement/2019/suse-su-20192089-2.html advisory
- https://www.debian.org/security/2019/dsa-4507 advisory
- https://access.redhat.com/errata/RHSA-2019:2593 advisory
- http://linux.oracle.com/errata/ELSA-2019-2593.html advisory
- http://lists.suse.com/pipermail/sle-security-updates/2019-November/006141.html advisory
- https://usn.ubuntu.com/4213-1/ advisory
- https://access.redhat.com/errata/RHSA-2020:2040 advisory
…and 6 more