CVSS: 7.4EPSS: 0%CPEs: 17EXPL: 0CVE-2019-18677 – squid: Cross-Site Request Forgery issue in HTTP Request processing
https://notcve.org/view.php?id=CVE-2019-18677
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to. Se descubrió un problema en Squid versiones 2.x, 3.x y versiones 4.x hasta 4.8 cuando la configuración append_domain es usada (porque los caracteres añadidos no interactúan apropiadamente con las restricciones de longitud del nombre de host). Debido a un procesamiento incorrecto del mensaje, puede redireccionar inapropiadamente el tráfico a los orígenes a los que no debe ser enviado. • http://www.squid-cache.org/Advisories/SQUID-2019_9.txt http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-e5f1813a674848dde570f7920873e1071f96e0b4.patch http://www.squid-cache.org/Versions/v4/changesets/squid-4-36492033ea4097821a4f7ff3ddcb971fbd1e8ba0.patch https://bugzilla.suse.com/show_bug.cgi?id=1156328 https://github.com/squid-cache/squid/pull/427 https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html h • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 1%CPEs: 9EXPL: 0CVE-2019-18678 – squid: HTTP Request Splitting issue in HTTP message processing
https://notcve.org/view.php?id=CVE-2019-18678
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. • http://www.squid-cache.org/Advisories/SQUID-2019_10.txt http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch https://bugzilla.suse.com/show_bug.cgi?id=1156323 https://github.com/squid-cache/squid/pull/445 https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW5367 • CWE-20: Improper Input Validation CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 19%CPEs: 18EXPL: 0CVE-2019-18679 – squid: Information Disclosure issue in HTTP Digest Authentication
https://notcve.org/view.php?id=CVE-2019-18679
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. Se descubrió un problema en Squid versiones 2.x, 3.x y versiones 4.x hasta 4.8. • http://www.squid-cache.org/Advisories/SQUID-2019_11.txt http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch https://bugzilla.suse.com/show_bug.cgi?id=1156324 https://github.com/squid-cache/squid/pull/491 https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW5367 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-19244
https://notcve.org/view.php?id=CVE-2019-19244
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. La función sqlite3Select en el archivo select.c en SQLite versión 3.30.1, permite un bloqueo si una sub-selección utiliza las funciones DISTINCT y window, y también tiene cierto uso ORDER BY. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348 https://usn.ubuntu.com/4205-1 https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-19246 – oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c
https://notcve.org/view.php?id=CVE-2019-19246
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. Oniguruma versiones hasta 6.9.3, como es usado en PHP versión 7.3.x y otros productos, presenta una lectura excesiva de búfer en la región heap de la memoria en la función str_lower_case_match en el archivo regexec.c. • https://bugs.php.net/bug.php?id=78559 https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V https://usn.ubuntu.com/4460-1 https://access.redhat.com/security/cve/CVE-2019-19246 https://bugzilla.redhat.com/show_bug.cgi?id=1777537 • CWE-125: Out-of-bounds Read •