VDB
CVE-2019-8981
CVE-2019-8981
PUBLISHED
CVSS 9.800000190734863 CRITICAL
tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the need_bytes value is mismanaged.
EPSS 0.53% · 67.6th percentile
Risk Scores
CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.53%
67.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| axtls_project | axtls | 0 |
Timeline
- Mar 26, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- http://axtls.sourceforge.net url
- https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/security/details/advisories-504842 url
- https://www.telekom.com/resource/blob/566546/276aaa2eab781729f2544d62edecf002/dl-190322-remote-buffer-overflow-in-a-axtls-data.pdf url
- https://nvd.nist.gov/vuln/detail/CVE-2019-8981 advisory