Lucene search
GoogleOSV:CVE-2018-19115HistoryNov 08, 2018 - 8:29 p.m.
CVE-2018-19115
2018-11-0820:29:00
Google
osv.dev
4
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
| CPE | Name | Operator | Version |
|---|---|---|---|
| keepalived | eq | 1.2.24 | |
| keepalived | eq | 1.2.18 | |
| keepalived | eq | 1.2.5 | |
| keepalived | eq | 1.2.2 | |
| keepalived | eq | 0.4.9 | |
| keepalived | eq | 1.3.6 | |
| keepalived | eq | 1.4.1 | |
| keepalived | eq | 1.2.14 | |
| keepalived | eq | 1.0.0 | |
| keepalived | eq | 1.1.17 |
References
access.redhat.com/errata/RHSA-2019:0022
access.redhat.com/errata/RHSA-2019:1792
access.redhat.com/errata/RHSA-2019:1945
bugzilla.suse.com/show_bug.cgi?id=1015141
github.com/acassen/keepalived/pull/961
github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9
lists.debian.org/debian-lts-announce/2018/11/msg00034.html
security.gentoo.org/glsa/201903-01
usn.ubuntu.com/3995-1/
usn.ubuntu.com/3995-2/
Related
nessus
nessus
Oracle Linux 7 : keepalived (ELSA-2019-0022)
2019-01-07 00:00:00
EulerOS 2.0 SP5 : keepalived (EulerOS-SA-2019-1680)
2019-07-02 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2019-1710)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2019-1739)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2019-2044)
2020-01-23 00:00:00
ubuntucve
ubuntucve
CVE-2018-19115
2018-11-08 00:00:00
cvelist
cvelist
CVE-2018-19115
2018-11-08 20:00:00
oraclelinux
oraclelinux
keepalived security update
2019-01-04 00:00:00
centos
centos
keepalived security update
2019-01-06 12:09:18
ubuntu
ubuntu
Keepalived vulnerability
2019-05-28 00:00:00
Keepalived vulnerability
2019-05-28 00:00:00
redhat
redhat
(RHSA-2019:1792) Important: keepalived security update
2019-07-16 11:50:57
(RHSA-2019:0022) Important: keepalived security update
2019-01-03 20:48:42
(RHSA-2019:1945) Important: keepalived security update
2019-07-30 08:22:58
amazon
amazon
Important: keepalived
2019-01-23 23:30:00
redhatcve
redhatcve
CVE-2018-19115
2019-10-10 11:58:24
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:27:03
rosalinux
rosalinux
Advisory ROSA-SA-2021-1858
2021-07-02 17:07:59
debian
debian
[SECURITY] [DLA-1589-1] keepalived security update
2018-11-26 14:05:13
nvd
nvd
CVE-2018-19115
2018-11-08 20:29:00
osv
osv
keepalived - security update
2018-11-22 00:00:00
cve
cve
CVE-2018-19115
2018-11-08 20:29:00
debiancve
debiancve
CVE-2018-19115
2018-11-08 20:29:00
ibm
ibm
Security Bulletin: A vulnerability in keepalived affects PowerKVM
2019-03-04 05:55:02
prion
prion
Heap overflow
2018-11-08 20:29:00
mageia
mageia
Updated keepalived package fixes security vulnerabilities
2018-12-30 02:24:32
gentoo
gentoo
Keepalived: Multiple vulnerabilities
2019-03-10 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: keepalived-2.0.10-1.fc29
2018-12-11 02:43:12