{"id":"ALPINE-CVE-2019-17042","details":"An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.","modified":"2025-12-03T22:48:41.875730Z","published":"2019-10-07T16:15:11.647Z","upstream":["CVE-2019-17042"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2019-17042"}],"affected":[{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.10","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1904.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.11","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.12","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.13","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.14","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.15","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.16","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.17","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.18","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.19","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.20","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.21","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.22","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.23","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1908.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.1904.0-r0","8.1908.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.7","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.31.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.8","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.34.0-r1"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}},{"package":{"name":"rsyslog","ecosystem":"Alpine:v3.9","purl":"pkg:apk/alpine/rsyslog?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.40.0-r4"}]}],"versions":["5.6.2-r0","5.8.0-r0","5.8.0-r1","5.8.5-r0","5.8.7-r0","5.8.7-r1","6.2.0-r0","6.2.2-r0","6.2.2-r1","6.2.2-r2","6.2.2-r3","6.4.2-r0","6.4.2-r1","6.4.2-r2","8.16.0-r0","8.18.0-r0","8.2.1-r0","8.2.2-r0","8.20.0-r0","8.20.0-r1","8.23.0-r0","8.24.0-r0","8.25.0-r0","8.26.0-r0","8.27.0-r0","8.30.0-r0","8.31.0-r0","8.31.0-r1","8.33.1-r0","8.33.1-r1","8.34.0-r0","8.36.0-r0","8.37.0-r0","8.4.1-r0","8.4.2-r0","8.4.2-r1","8.40.0-r0","8.40.0-r1","8.40.0-r2","8.40.0-r3","8.7.0-r0","8.9.0-r0","8.9.0-r1","8.9.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-17042.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}