Unrated severityNVD Advisory· Published Nov 18, 2020· Updated Aug 4, 2024

CVE-2019-12412

Description

A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

Affected products

libapreq2/libapreq2description
Apache/Libapreq2llm-fuzzy
Range: >=2.07, <=2.13

Patches

Vulnerability mechanics

References

bugs.debian.org/939937mitrex_refsource_MISC
lists.apache.org/thread.html/rce5814279a615d4a17c870a3c5b77f57975874d382ffee0b73b7f9da%40%3Cmodperl.perl.apache.org%3Emitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000