CVE-2019-12900

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04

Configuration E

24 vulnerable

Vulnerable Software	Affected Versions
Freebsd Freebsd	Version 11.2
Freebsd Freebsd	Version 11.2 p10
Freebsd Freebsd	Version 11.2 p11
Freebsd Freebsd	Version 11.2 p12
Freebsd Freebsd	Version 11.2 p2
Freebsd Freebsd	Version 11.2 p3
Freebsd Freebsd	Version 11.2 p4
Freebsd Freebsd	Version 11.2 p5
Freebsd Freebsd	Version 11.2 p6
Freebsd Freebsd	Version 11.2 p7
Freebsd Freebsd	Version 11.2 p8
Freebsd Freebsd	Version 11.2 p9
Freebsd Freebsd	Version 11.2 rc3
Freebsd Freebsd	Version 11.3
Freebsd Freebsd	Version 11.3 p1
Freebsd Freebsd	Version 12.0
Freebsd Freebsd	Version 12.0 p1
Freebsd Freebsd	Version 12.0 p2
Freebsd Freebsd	Version 12.0 p3
Freebsd Freebsd	Version 12.0 p4
Freebsd Freebsd	Version 12.0 p5
Freebsd Freebsd	Version 12.0 p6
Freebsd Freebsd	Version 12.0 p7
Freebsd Freebsd	Version 12.0 p8

Configuration F

4 vulnerable

Vulnerable Software	Affected Versions
Python Python	From 3.10.0 to 3.10.3
Python Python	From 3.7.0 to 3.7.13
Python Python	From 3.8.0 to 3.8.13
Python Python	From 3.9.0 to 3.9.11

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (46)

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc

Source: cve@mitre.org

PatchVendor Advisory

https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E

Source: cve@mitre.org

https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/Aug/4

Source: cve@mitre.org

Mailing ListPatchThird Party Advisory

https://seclists.org/bugtraq/2019/Jul/22

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc

Source: cve@mitre.org

PatchThird Party Advisory

https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS

Source: cve@mitre.org

https://usn.ubuntu.com/4038-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4038-2/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4146-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4146-2/

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Source: cve@mitre.org

PatchThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html