Extended Lifecycle Support CVE dashboard by TuxСare

CVEs Releases Projects

CVE-2021-33620

Updated: 2022-06-03 14:22:34.170415

Description:

Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4
CVSS Version 3.x MEDIUM 6.5

Status

OS name Project name Version Status Errata Last updated
CentOS 6 ELS squid34 3.4.14-15 Ignored 2021-11-02 14:03:19.11311
CentOS 6 ELS squid 3.1.23 Ignored 2021-11-02 14:03:19.08418
CentOS 8.4 ELS squid 4.11-4 Released CLSA-2022:1646060698 2022-02-28 14:41:41.098439
CentOS 8.5 ELS squid 4.15-1 Not vulnerable 2022-02-17 12:11:05.707548
CloudLinux 6 ELS squid34 3.4.14-15 Ignored 2021-11-02 14:03:19.120092
CloudLinux 6 ELS squid 3.1.23 Ignored 2021-11-02 14:03:19.090807
Oracle Linux 6 ELS squid 3.1.23 Ignored 2021-11-02 14:03:19.097637
Oracle Linux 6 ELS squid34 3.4.14-15 Ignored 2021-11-02 14:03:19.127636
Ubuntu 16.04 ELS squid 3.5.12-1ubuntu7.15 Ignored 2021-11-02 14:03:19.105228