1. Home
  2. Vulnerabilities
  3. CVE-2019-12519

CVE-2019-12519

CVSS v3.1 9.8 (Critical)
98% Progress
CVSS v2.0 7.5 (High)
75% Progress
EPSS 1.78 % (88th)
1.78% Progress
Affected Products 4
Advisories 17
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.

Weaknesses
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2020-04-15 20:15:13
(4 years ago)
Updated Date
2021-02-11 14:43:00
(3 years ago)

Affected Products

Canonical

Debian

Opensuse

Squid-cache

Configuration #1

    CPE23 From Up To
  Squid-cache Squid from 3.0 version and 3.5.28 and prior versions cpe:2.3:a:squid-cache:squid >= 3.0 <= 3.5.28
  Squid-cache Squid from 4.0 version and 4.10 and prior versions cpe:2.3:a:squid-cache:squid >= 4.0 <= 4.10
  Squid-cache Squid from 5.0 version and 5.0.1 and prior versions cpe:2.3:a:squid-cache:squid >= 5.0 <= 5.0.1

Configuration #2

    CPE23 From Up To
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 19.10 cpe:2.3:o:canonical:ubuntu_linux:19.10
  Canonical Ubuntu Linux 20.04 cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts

Configuration #4

    CPE23 From Up To
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1