CVE-2019-18679

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-18679
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-18679.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-18679
Downstream
Related
Published
2019-11-26T17:15:13.047Z
Modified
2026-03-15T22:27:59.623713Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.

References

Affected packages

Git / github.com/squid-cache/squid

Affected ranges

Type
GIT
Repo
https://github.com/squid-cache/squid
Events
Introduced
a35595cde3981998c2483c81c4507c22ec289ad6
Last affected
fede82b3e7aa1f12a91bade17f6ac0d4c7463e0a
Database specific 
{
    "versions": [
        {
            "introduced": "4.x"
        },
        {
            "last_affected": "4.8."
        }
    ]
}

Affected versions

Other
BASIC_TPROXY4
SQUID_4_0_1
SQUID_4_0_10
SQUID_4_0_11
SQUID_4_0_12
SQUID_4_0_13
SQUID_4_0_14
SQUID_4_0_15
SQUID_4_0_16
SQUID_4_0_17
SQUID_4_0_18
SQUID_4_0_19
SQUID_4_0_2
SQUID_4_0_20
SQUID_4_0_21
SQUID_4_0_22
SQUID_4_0_23
SQUID_4_0_24
SQUID_4_0_25
SQUID_4_0_3
SQUID_4_0_4
SQUID_4_0_5
SQUID_4_0_6
SQUID_4_0_7
SQUID_4_0_8
SQUID_4_0_9
SQUID_4_1
SQUID_4_2
SQUID_4_3
SQUID_4_4
SQUID_4_5
SQUID_4_6
SQUID_4_7
SQUID_4_8
for-libecap-v0p1
merge-candidate-3-v1
merge-candidate-3-v2
sourceformat-review-1
take00
take01
take02
take03
take04
take06
take07
take08
take09
take1
take2
BumpSslServerFirst.*
BumpSslServerFirst.take01
BumpSslServerFirst.take02
BumpSslServerFirst.take03
BumpSslServerFirst.take04
BumpSslServerFirst.take05
BumpSslServerFirst.take06
BumpSslServerFirst.take07
BumpSslServerFirst.take08
BumpSslServerFirst.take09
BumpSslServerFirst.take10

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "2.0"
            },
            {
                "last_affected": "2.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "3.0"
            },
            {
                "last_affected": "3.5.28"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.0"
            },
            {
                "last_affected": "4.8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.7-stable9"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "19.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "19.10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "30"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "31"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-18679.json"