CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19240

Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.1%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2019-19240

Embedthis » Goahead » Version: N/A

cpe:2.3:a:embedthis:goahead:-
Embedthis » Goahead » Version: 2.1.5

cpe:2.3:a:embedthis:goahead:2.1.5
Embedthis » Goahead » Version: 2.1.8

cpe:2.3:a:embedthis:goahead:2.1.8
Embedthis » Goahead » Version: 2.5.0

cpe:2.3:a:embedthis:goahead:2.5.0
Embedthis » Goahead » Version: 3.0.0

cpe:2.3:a:embedthis:goahead:3.0.0
Embedthis » Goahead » Version: 3.1.0

cpe:2.3:a:embedthis:goahead:3.1.0
Embedthis » Goahead » Version: 3.1.1

cpe:2.3:a:embedthis:goahead:3.1.1
Embedthis » Goahead » Version: 3.1.2

cpe:2.3:a:embedthis:goahead:3.1.2
Embedthis » Goahead » Version: 3.1.3

cpe:2.3:a:embedthis:goahead:3.1.3
Embedthis » Goahead » Version: 3.3.0

cpe:2.3:a:embedthis:goahead:3.3.0
Embedthis » Goahead » Version: 3.3.1

cpe:2.3:a:embedthis:goahead:3.3.1
Embedthis » Goahead » Version: 3.3.2

cpe:2.3:a:embedthis:goahead:3.3.2
Embedthis » Goahead » Version: 3.3.3

cpe:2.3:a:embedthis:goahead:3.3.3
Embedthis » Goahead » Version: 3.3.4

cpe:2.3:a:embedthis:goahead:3.3.4
Embedthis » Goahead » Version: 3.3.5

cpe:2.3:a:embedthis:goahead:3.3.5
Embedthis » Goahead » Version: 3.3.6

cpe:2.3:a:embedthis:goahead:3.3.6
Embedthis » Goahead » Version: 3.4.0

cpe:2.3:a:embedthis:goahead:3.4.0
Embedthis » Goahead » Version: 3.4.1

cpe:2.3:a:embedthis:goahead:3.4.1
Embedthis » Goahead » Version: 3.4.10

cpe:2.3:a:embedthis:goahead:3.4.10
Embedthis » Goahead » Version: 3.4.11

cpe:2.3:a:embedthis:goahead:3.4.11
Embedthis » Goahead » Version: 3.4.12

cpe:2.3:a:embedthis:goahead:3.4.12
Embedthis » Goahead » Version: 3.4.2

cpe:2.3:a:embedthis:goahead:3.4.2
Embedthis » Goahead » Version: 3.4.3

cpe:2.3:a:embedthis:goahead:3.4.3
Embedthis » Goahead » Version: 3.4.4

cpe:2.3:a:embedthis:goahead:3.4.4
Embedthis » Goahead » Version: 3.4.5

cpe:2.3:a:embedthis:goahead:3.4.5
Embedthis » Goahead » Version: 3.4.6

cpe:2.3:a:embedthis:goahead:3.4.6
Embedthis » Goahead » Version: 3.4.7

cpe:2.3:a:embedthis:goahead:3.4.7
Embedthis » Goahead » Version: 3.4.8

cpe:2.3:a:embedthis:goahead:3.4.8
Embedthis » Goahead » Version: 3.4.9

cpe:2.3:a:embedthis:goahead:3.4.9
Embedthis » Goahead » Version: 3.5.0

cpe:2.3:a:embedthis:goahead:3.5.0
Embedthis » Goahead » Version: 3.6.0

cpe:2.3:a:embedthis:goahead:3.6.0
Embedthis » Goahead » Version: 3.6.1

cpe:2.3:a:embedthis:goahead:3.6.1
Embedthis » Goahead » Version: 3.6.2

cpe:2.3:a:embedthis:goahead:3.6.2
Embedthis » Goahead » Version: 3.6.3

cpe:2.3:a:embedthis:goahead:3.6.3
Embedthis » Goahead » Version: 3.6.4

cpe:2.3:a:embedthis:goahead:3.6.4
Embedthis » Goahead » Version: 3.6.5

cpe:2.3:a:embedthis:goahead:3.6.5
Embedthis » Goahead » Version: 4.0.0

cpe:2.3:a:embedthis:goahead:4.0.0
Embedthis » Goahead » Version: 4.0.1

cpe:2.3:a:embedthis:goahead:4.0.1
Embedthis » Goahead » Version: 4.0.2

cpe:2.3:a:embedthis:goahead:4.0.2
Embedthis » Goahead » Version: 4.1.0

cpe:2.3:a:embedthis:goahead:4.1.0
Embedthis » Goahead » Version: 4.1.1

cpe:2.3:a:embedthis:goahead:4.1.1
Embedthis » Goahead » Version: 4.1.2

cpe:2.3:a:embedthis:goahead:4.1.2
Embedthis » Goahead » Version: 4.1.3

cpe:2.3:a:embedthis:goahead:4.1.3
Embedthis » Goahead » Version: 5.0.0

cpe:2.3:a:embedthis:goahead:5.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19240

Products

Pricing

Contact Us