CVE-2019-12519

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-12519
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12519.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-12519
Related
Published
2020-04-15T20:15:13Z
Modified
2024-09-18T03:02:06.193084Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.

References

Affected packages

Alpine:v3.10 / squid

Package

Name
squid
Purl
pkg:apk/alpine/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.11-r0

Affected versions

2.*

2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.6-r4
2.7.6-r5
2.7.6-r6
2.7.6-r7
2.7.6-r8
2.7.6-r9
2.7.6-r10
2.7.6-r11
2.7.6-r12
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.7-r5
2.7.9-r0
2.7.9-r1
2.7.9-r2
2.7.9-r3
2.7.9-r4

3.*

3.2.0.12-r1
3.2.0.12-r2
3.2.0.12-r3
3.2.0.12-r4
3.2.0.13-r0
3.2.0.16-r0
3.2.0.17-r0
3.2.0.17-r1
3.2.0.17-r2
3.2.0.18-r0
3.2.0.18-r1
3.2.0.19-r0
3.2.0.19-r1
3.2.2-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.6-r0
3.2.6-r1
3.2.7-r1
3.2.7-r2
3.3.2-r0
3.3.3-r0
3.3.4-r0
3.3.5-r0
3.3.6-r0
3.3.7-r0
3.3.8-r0
3.3.8-r1
3.3.9-r0
3.3.10-r0
3.3.11-r0
3.3.11-r1
3.4.5-r0
3.4.6-r0
3.4.6-r1
3.4.7-r0
3.4.8-r0
3.4.9-r0
3.4.10-r0
3.4.11-r0
3.4.12-r0
3.5.2-r0
3.5.2-r1
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.7-r0
3.5.8-r0
3.5.10-r0
3.5.11-r0
3.5.12-r0
3.5.13-r0
3.5.14-r0
3.5.14-r1
3.5.15-r0
3.5.15-r1
3.5.16-r0
3.5.17-r0
3.5.17-r1
3.5.19-r0
3.5.19-r1
3.5.20-r0
3.5.20-r1
3.5.20-r2
3.5.22-r0
3.5.23-r0
3.5.23-r1
3.5.23-r2
3.5.23-r3
3.5.23-r4
3.5.27-r0
3.5.27-r1
3.5.27-r2
3.5.28-r0

4.*

4.2-r0
4.2-r1
4.4-r0
4.4-r1
4.6-r0
4.6-r1
4.8-r0
4.8-r1
4.10-r0

Alpine:v3.11 / squid

Package

Name
squid
Purl
pkg:apk/alpine/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.11-r0

Affected versions

2.*

2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.6-r4
2.7.6-r5
2.7.6-r6
2.7.6-r7
2.7.6-r8
2.7.6-r9
2.7.6-r10
2.7.6-r11
2.7.6-r12
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.7-r5
2.7.9-r0
2.7.9-r1
2.7.9-r2
2.7.9-r3
2.7.9-r4

3.*

3.2.0.12-r1
3.2.0.12-r2
3.2.0.12-r3
3.2.0.12-r4
3.2.0.13-r0
3.2.0.16-r0
3.2.0.17-r0
3.2.0.17-r1
3.2.0.17-r2
3.2.0.18-r0
3.2.0.18-r1
3.2.0.19-r0
3.2.0.19-r1
3.2.2-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.6-r0
3.2.6-r1
3.2.7-r1
3.2.7-r2
3.3.2-r0
3.3.3-r0
3.3.4-r0
3.3.5-r0
3.3.6-r0
3.3.7-r0
3.3.8-r0
3.3.8-r1
3.3.9-r0
3.3.10-r0
3.3.11-r0
3.3.11-r1
3.4.5-r0
3.4.6-r0
3.4.6-r1
3.4.7-r0
3.4.8-r0
3.4.9-r0
3.4.10-r0
3.4.11-r0
3.4.12-r0
3.5.2-r0
3.5.2-r1
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.7-r0
3.5.8-r0
3.5.10-r0
3.5.11-r0
3.5.12-r0
3.5.13-r0
3.5.14-r0
3.5.14-r1
3.5.15-r0
3.5.15-r1
3.5.16-r0
3.5.17-r0
3.5.17-r1
3.5.19-r0
3.5.19-r1
3.5.20-r0
3.5.20-r1
3.5.20-r2
3.5.22-r0
3.5.23-r0
3.5.23-r1
3.5.23-r2
3.5.23-r3
3.5.23-r4
3.5.27-r0
3.5.27-r1
3.5.27-r2
3.5.28-r0

4.*

4.2-r0
4.2-r1
4.4-r0
4.4-r1
4.6-r0
4.6-r1
4.8-r0
4.8-r1
4.9-r0
4.10-r0

Alpine:v3.9 / squid

Package

Name
squid
Purl
pkg:apk/alpine/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.11-r0

Affected versions

2.*

2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.6-r4
2.7.6-r5
2.7.6-r6
2.7.6-r7
2.7.6-r8
2.7.6-r9
2.7.6-r10
2.7.6-r11
2.7.6-r12
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.7-r5
2.7.9-r0
2.7.9-r1
2.7.9-r2
2.7.9-r3
2.7.9-r4

3.*

3.2.0.12-r1
3.2.0.12-r2
3.2.0.12-r3
3.2.0.12-r4
3.2.0.13-r0
3.2.0.16-r0
3.2.0.17-r0
3.2.0.17-r1
3.2.0.17-r2
3.2.0.18-r0
3.2.0.18-r1
3.2.0.19-r0
3.2.0.19-r1
3.2.2-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.6-r0
3.2.6-r1
3.2.7-r1
3.2.7-r2
3.3.2-r0
3.3.3-r0
3.3.4-r0
3.3.5-r0
3.3.6-r0
3.3.7-r0
3.3.8-r0
3.3.8-r1
3.3.9-r0
3.3.10-r0
3.3.11-r0
3.3.11-r1
3.4.5-r0
3.4.6-r0
3.4.6-r1
3.4.7-r0
3.4.8-r0
3.4.9-r0
3.4.10-r0
3.4.11-r0
3.4.12-r0
3.5.2-r0
3.5.2-r1
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.7-r0
3.5.8-r0
3.5.10-r0
3.5.11-r0
3.5.12-r0
3.5.13-r0
3.5.14-r0
3.5.14-r1
3.5.15-r0
3.5.15-r1
3.5.16-r0
3.5.17-r0
3.5.17-r1
3.5.19-r0
3.5.19-r1
3.5.20-r0
3.5.20-r1
3.5.20-r2
3.5.22-r0
3.5.23-r0
3.5.23-r1
3.5.23-r2
3.5.23-r3
3.5.23-r4
3.5.27-r0
3.5.27-r1
3.5.27-r2
3.5.28-r0

4.*

4.2-r0
4.2-r1
4.4-r0
4.4-r1
4.8-r0
4.8-r1
4.10-r0

Debian:11 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/squid-cache/squid

Affected ranges

Type
GIT
Repo
https://github.com/squid-cache/squid
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Last affected

Affected versions

Other

BASIC_TPROXY4
M-staged-PR161
M-staged-PR164
M-staged-PR170
M-staged-PR176
M-staged-PR179
M-staged-PR181
M-staged-PR182
M-staged-PR186
M-staged-PR189
M-staged-PR193
M-staged-PR195
M-staged-PR196
M-staged-PR198
M-staged-PR199
M-staged-PR200
M-staged-PR202
M-staged-PR206
M-staged-PR208
M-staged-PR209
M-staged-PR210
M-staged-PR218
M-staged-PR220
M-staged-PR221
M-staged-PR225
M-staged-PR227
M-staged-PR229
M-staged-PR230
M-staged-PR235
M-staged-PR237
M-staged-PR238
M-staged-PR239
M-staged-PR241
M-staged-PR242
M-staged-PR252
M-staged-PR255
M-staged-PR258
M-staged-PR264
M-staged-PR266
M-staged-PR267
M-staged-PR268
M-staged-PR274
M-staged-PR276
M-staged-PR293
M-staged-PR294
M-staged-PR295
M-staged-PR299
M-staged-PR306
M-staged-PR314
M-staged-PR319
M-staged-PR342
M-staged-PR345
M-staged-PR348
M-staged-PR351
M-staged-PR359
M-staged-PR364
M-staged-PR365
M-staged-PR366
M-staged-PR370
M-staged-PR372
M-staged-PR373
M-staged-PR375
M-staged-PR376
SQUID_3_0_PRE1
SQUID_3_0_PRE2
SQUID_3_0_PRE3
SQUID_3_0_PRE4
SQUID_3_0_PRE5
SQUID_3_0_PRE6
SQUID_3_0_PRE7
SQUID_3_0_RC1
SQUID_3_5_0_1
SQUID_3_5_0_2
SQUID_3_5_0_3
SQUID_3_5_0_4
SQUID_3_5_1
SQUID_3_5_10
SQUID_3_5_11
SQUID_3_5_12
SQUID_3_5_13
SQUID_3_5_14
SQUID_3_5_15
SQUID_3_5_16
SQUID_3_5_17
SQUID_3_5_18
SQUID_3_5_19
SQUID_3_5_2
SQUID_3_5_20
SQUID_3_5_21
SQUID_3_5_22
SQUID_3_5_23
SQUID_3_5_24
SQUID_3_5_25
SQUID_3_5_26
SQUID_3_5_27
SQUID_3_5_28
SQUID_3_5_3
SQUID_3_5_4
SQUID_3_5_5
SQUID_3_5_6
SQUID_3_5_7
SQUID_3_5_8
SQUID_3_5_9
SQUID_4_0_1
SQUID_4_0_10
SQUID_4_0_11
SQUID_4_0_12
SQUID_4_0_13
SQUID_4_0_14
SQUID_4_0_15
SQUID_4_0_16
SQUID_4_0_17
SQUID_4_0_18
SQUID_4_0_19
SQUID_4_0_2
SQUID_4_0_20
SQUID_4_0_21
SQUID_4_0_22
SQUID_4_0_23
SQUID_4_0_24
SQUID_4_0_25
SQUID_4_0_3
SQUID_4_0_4
SQUID_4_0_5
SQUID_4_0_6
SQUID_4_0_7
SQUID_4_0_8
SQUID_4_0_9
SQUID_4_1
SQUID_4_10
SQUID_4_2
SQUID_4_3
SQUID_4_4
SQUID_4_5
SQUID_4_6
SQUID_4_7
SQUID_4_8
SQUID_4_9
SQUID_5_0_1
for-libecap-v0p1
merge-candidate-3-v1
merge-candidate-3-v2
sourceformat-review-1
take00
take01
take02
take03
take04
take06
take07
take08
take09
take1
take2

BumpSslServerFirst.*

BumpSslServerFirst.take01
BumpSslServerFirst.take02
BumpSslServerFirst.take03
BumpSslServerFirst.take04
BumpSslServerFirst.take05
BumpSslServerFirst.take06
BumpSslServerFirst.take07
BumpSslServerFirst.take08
BumpSslServerFirst.take09
BumpSslServerFirst.take10