CVE-2019-12527 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Critical
Remote	Yes
Type	Arbitrary code execution
Description	Due to incorrect buffer management Squid versions prior to 4.8 are vulnerable to a heap overflow and possible remote code execution attack when processing HTTP Authentication credentials.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1004	squid	4.7-2	4.8-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
17 Jul 2019	ASA-201907-5	AVG-1004	squid	Critical	arbitrary code execution

References
http://www.squid-cache.org/Advisories/SQUID-2019_5.txt http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch