{"id":"CVE-2019-15164","details":"rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.","modified":"2026-04-16T04:42:48.275057046Z","published":"2019-10-03T19:15:09.410Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"},{"type":"WEB","url":"https://support.apple.com/kb/HT210785"},{"type":"WEB","url":"https://support.apple.com/kb/HT210788"},{"type":"WEB","url":"https://support.apple.com/kb/HT210789"},{"type":"WEB","url":"https://support.apple.com/kb/HT210790"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2019/Dec/26"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"},{"type":"WEB","url":"https://seclists.org/bugtraq/2019/Dec/23"},{"type":"ADVISORY","url":"https://www.tcpdump.org/public-cve-list.txt"},{"type":"ADVISORY","url":"https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/libpcap","events":[{"introduced":"0"},{"fixed":"d396f255cf7b96a09cf91d0e8cc94d23777d6986"},{"fixed":"33834cb2a4d035b52aa2a26742f832a112e90a0a"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.9.1"}]}}],"versions":["libpcap-0.6.1","libpcap-0.7.1","libpcap-0.8-bp","libpcap-1.7.0-bp","libpcap-1.8.0-bp","libpcap-1.8.1","libpcap-1.9-bp","libpcap-1.9.0","libpcap-1.9.0-rc1","libpcap-1.9.0rc2"],"database_specific":{"vanir_signatures_modified":"2026-04-11T12:42:28Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15164.json","vanir_signatures":[{"signature_type":"Line","target":{"file":"rpcapd/daemon.c"},"signature_version":"v1","digest":{"line_hashes":["220771326054493557985427279142055717525","125109687279265749357457515101614904409","256357145648847645196325241727447482236","34796557547443638241118995495406417428","123042880630557422448249733276881311904","169121961992058920376826039424384840240","197641415233931238199510149510569630035"],"threshold":0.9},"source":"https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a","id":"CVE-2019-15164-3d532e63","deprecated":false},{"deprecated":false,"target":{"file":"rpcapd/daemon.c","function":"daemon_msg_open_req"},"signature_version":"v1","digest":{"length":1671,"function_hash":"167369382710791498383107436899487403158"},"source":"https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a","id":"CVE-2019-15164-5e349b7a","signature_type":"Function"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}