Your submission was sent successfully! Close

CVE-2019-12519

Published: 15 April 2020

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
squid
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan
Released (4.8-1ubuntu2.3)
focal
Released (4.10-1ubuntu1.1)
groovy
Released (4.10-1ubuntu2)
hirsute
Released (4.10-1ubuntu2)
precise Does not exist

trusty Does not exist

upstream
Released (4.11)
xenial Does not exist

squid3
Launchpad, Ubuntu, Debian
bionic
Released (3.5.27-1ubuntu1.6)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Ignored
(end of ESM support, was needs-triage)
trusty Does not exist

upstream Needs triage

xenial
Released (3.5.12-1ubuntu7.11)