Candidate: CVE-2019-3994
PublicDate: 2019-12-17 22:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3994
 https://www.tenable.com/security/research/tra-2019-53
Description:
 ELOG 3.1.4-57bea22 and below is affected by a denial of service
 vulnerability due to a use after free. A remote unauthenticated attacker
 can crash the ELOG server by sending multiple HTTP POST requests which
 causes the ELOG function retrieve_url() to use a freed variable.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_elog:
upstream_elog: needs-triage
precise/esm_elog: DNE
trusty_elog: ignored (out of standard support)
trusty/esm_elog: DNE
xenial_elog: ignored (end of standard support, was needs-triage)
bionic_elog: needs-triage
disco_elog: ignored (reached end-of-life)
eoan_elog: ignored (reached end-of-life)
focal_elog: needs-triage
groovy_elog: ignored (reached end-of-life)
hirsute_elog: ignored (reached end-of-life)
impish_elog: needs-triage
jammy_elog: needs-triage
devel_elog: DNE