CVE-2019-14851
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1.
Se detectó una vulnerabilidad de denegación de servicio en nbdkit. Un cliente que emita una determinada secuencia de comandos podría desencadenar un fallo de aserción, causando la salida de nbdkit. Este problema solo afectó a versiones 1.12.7, 1.14.1 y 1.15.1 de nbdkit
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-08-10 CVE Reserved
- 2021-03-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-617: Reachable Assertion
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1757259 | 2021-03-25 | |
| https://www.redhat.com/archives/libguestfs/2019-September/msg00272.html | 2021-03-25 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nbdkit Project Search vendor "Nbdkit Project" | Nbdkit Search vendor "Nbdkit Project" for product "Nbdkit" | < 1.12.7 Search vendor "Nbdkit Project" for product "Nbdkit" and version " < 1.12.7" | - |
Affected
| ||||||
| Nbdkit Project Search vendor "Nbdkit Project" | Nbdkit Search vendor "Nbdkit Project" for product "Nbdkit" | >= 1.14.0 < 1.14.1 Search vendor "Nbdkit Project" for product "Nbdkit" and version " >= 1.14.0 < 1.14.1" | - |
Affected
| ||||||
| Nbdkit Project Search vendor "Nbdkit Project" | Nbdkit Search vendor "Nbdkit Project" for product "Nbdkit" | >= 1.15.0 < 1.15.1 Search vendor "Nbdkit Project" for product "Nbdkit" and version " >= 1.15.0 < 1.15.1" | - |
Affected
| ||||||