CVE-2019-18677

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-18677
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18677.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-18677
Downstream
Related
Published
2019-11-26T17:15:12.923Z
Modified
2026-02-23T01:45:12.936862Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.

References

Affected packages

Git / gitlab.com/gnutls/gnutls

Affected ranges

Type
GIT
Repo
https://gitlab.com/gnutls/gnutls
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
377c56e8b04da5d269293c14c241691a320e3c98
Introduced
6323bbcda7e1b075a2defdf34e04008764da1a8c
Last affected
a1c1da1939efe571f427a6323a8bb5311d933061

Affected versions

Other
gnutls_2_0_0
gnutls_2_0_1
gnutls_2_1_0
gnutls_2_1_1
gnutls_2_1_2
gnutls_2_1_3
gnutls_2_1_4
gnutls_2_1_5
gnutls_2_1_6
gnutls_2_1_7
gnutls_2_1_8
gnutls_2_3_0
gnutls_2_3_1
gnutls_2_3_10
gnutls_2_3_11
gnutls_2_3_12
gnutls_2_3_13
gnutls_2_3_14
gnutls_2_3_15
gnutls_2_3_2
gnutls_2_3_3
gnutls_2_3_4
gnutls_2_3_4_netconf_0
gnutls_2_3_4_netconf_1
gnutls_2_3_4_netconf_2
gnutls_2_3_5
gnutls_2_3_6
gnutls_2_3_7
gnutls_2_3_8
gnutls_2_3_9
gnutls_2_4_0
gnutls_2_5_0
gnutls_2_5_1
gnutls_2_5_2
gnutls_2_5_3
gnutls_2_5_4
gnutls_2_5_5
gnutls_2_5_6
gnutls_2_5_7
gnutls_2_5_8
gnutls_2_5_9
gnutls_2_7_0
gnutls_2_7_1
gnutls_2_7_2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18677.json"