7.5
CVE-2019-12854
- EPSS 44.49%
- Veröffentlicht 15.08.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:23:43
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Squid-cache ≫ Squid Version >= 4.0 <= 4.7
Debian ≫ Debian Linux Version10.0
Fedoraproject ≫ Fedora Version29
Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version19.04
Canonical ≫ Ubuntu Linux Version19.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 44.49% | 0.975 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|