CVE-2019-15164

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-15164

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15164.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-15164

Downstream

ALPINE-CVE-2019-15164

BELL-CVE-2019-15164

DEBIAN-CVE-2019-15164

Related

MGASA-2019-0297

Published

2019-10-03T19:15:09.410Z

Modified

2026-04-02T01:41:38.990771Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

References

Affected packages

Git / github.com/the-tcpdump-group/libpcap

Affected ranges

Type

GIT

Repo

https://github.com/the-tcpdump-group/libpcap

Events

Introduced

Fixed

d396f255cf7b96a09cf91d0e8cc94d23777d6986

Fixed

33834cb2a4d035b52aa2a26742f832a112e90a0a

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.1"
        }
    ]
}

Affected versions

libpcap-0.*

libpcap-0.5.1

libpcap-0.5.2

libpcap-0.6.1

libpcap-0.6.2

libpcap-0.7.1

libpcap-0.7.2

libpcap-0.8-bp

libpcap-0.8.1

libpcap-0.8.2

libpcap-0.8.3

libpcap-0.9.1

libpcap-0.9.2

libpcap-0.9.3

libpcap-0.9.4

libpcap-0.9.5

libpcap-0.9.6

libpcap-0.9.7

libpcap-0.9.8

libpcap-1.*

libpcap-1.0.0

libpcap-1.1.0

libpcap-1.1.1

libpcap-1.10-bp

libpcap-1.10.0

libpcap-1.10.1

libpcap-1.10.2

libpcap-1.10.3

libpcap-1.10.4

libpcap-1.10.5

libpcap-1.10.6

libpcap-1.2.1

libpcap-1.3-bp

libpcap-1.3.0

libpcap-1.4.0

libpcap-1.5.0

libpcap-1.5.1

libpcap-1.5.2

libpcap-1.5.3

libpcap-1.6.0-bp

libpcap-1.6.1

libpcap-1.6.2

libpcap-1.7.0

libpcap-1.7.0-bp

libpcap-1.7.2

libpcap-1.7.3

libpcap-1.7.4

libpcap-1.8.0

libpcap-1.8.0-bp

libpcap-1.8.1

libpcap-1.9-bp

libpcap-1.9.0

libpcap-1.9.0-rc1

libpcap-1.9.0rc2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15164.json"

vanir_signatures

[
    {
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "220771326054493557985427279142055717525",
                "125109687279265749357457515101614904409",
                "256357145648847645196325241727447482236",
                "34796557547443638241118995495406417428",
                "123042880630557422448249733276881311904",
                "169121961992058920376826039424384840240",
                "197641415233931238199510149510569630035"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a",
        "id": "CVE-2019-15164-3d532e63",
        "target": {
            "file": "rpcapd/daemon.c"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "digest": {
            "function_hash": "167369382710791498383107436899487403158",
            "length": 1671.0
        },
        "source": "https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a",
        "id": "CVE-2019-15164-5e349b7a",
        "target": {
            "file": "rpcapd/daemon.c",
            "function": "daemon_msg_open_req"
        }
    }
]