{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T22:03:53.926","vulnerabilities":[{"cve":{"id":"CVE-2019-3994","sourceIdentifier":"vulnreport@tenable.com","published":"2019-12-17T22:15:11.263","lastModified":"2024-11-21T04:43:01.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable."},{"lang":"es","value":"ELOG versión 3.1.4-57bea22 y anterior,  está afectado por una vulnerabilidad de denegación de servicio debido a un uso de la memoria previamente liberada. Un atacante remoto no autenticado puede bloquear el servidor de ELOG mediante el envío de múltiples peticiones HTTP POST, lo que causa que la función de ELOG retrieve_url() use una variable liberada."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnreport@tenable.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:elog_project:elog:*:*:*:*:*:*:*:*","versionEndIncluding":"3.1.4-57bea22","matchCriteriaId":"7B663DFC-FEE7-4D89-8361-DD9698885405"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","matchCriteriaId":"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","matchCriteriaId":"80F0FA5D-8D3B-4C0E-81E2-87998286AF33"}]}]}],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/","source":"vulnreport@tenable.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/","source":"vulnreport@tenable.com"},{"url":"https://www.tenable.com/security/research/tra-2019-53","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.tenable.com/security/research/tra-2019-53","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}