CVE-2019-14851
MEDIUMnbdkit 1.12.7 1.14.1 1.15.1 - Denial of Service via Assertion Failure
Title source: llmDescription
A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1.
References (2)
Core 2
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1757259
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://www.redhat.com/archives/libguestfs/2019-September/msg00272.html
Scores
CVSS v3
6.5
EPSS
0.0099
EPSS Percentile
58.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-617
Status
published
Products (1)
nbdkit_project/nbdkit
< 1.12.7
Published
Mar 18, 2021
Tracked Since
Feb 18, 2026