CVE-2021-33620
Updated: 2022-06-03 14:22:34.170415
Description:
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
| Links | NIST | CIRCL | RHEL | Ubuntu |
Severity
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4 |
| CVSS Version 3.x | MEDIUM | 6.5 |
Status
| OS name | Project name | Version | Status | Errata | Last updated |
|---|---|---|---|---|---|
| CentOS 6 ELS | squid34 | 3.4.14-15 | Ignored | 2021-11-02 14:03:19.11311 | |
| CentOS 6 ELS | squid | 3.1.23 | Ignored | 2021-11-02 14:03:19.08418 | |
| CentOS 8.4 ELS | squid | 4.11-4 | Released | CLSA-2022:1646060698 | 2022-02-28 14:41:41.098439 |
| CentOS 8.5 ELS | squid | 4.15-1 | Not vulnerable | 2022-02-17 12:11:05.707548 | |
| CloudLinux 6 ELS | squid34 | 3.4.14-15 | Ignored | 2021-11-02 14:03:19.120092 | |
| CloudLinux 6 ELS | squid | 3.1.23 | Ignored | 2021-11-02 14:03:19.090807 | |
| Oracle Linux 6 ELS | squid | 3.1.23 | Ignored | 2021-11-02 14:03:19.097637 | |
| Oracle Linux 6 ELS | squid34 | 3.4.14-15 | Ignored | 2021-11-02 14:03:19.127636 | |
| Ubuntu 16.04 ELS | squid | 3.5.12-1ubuntu7.15 | Ignored | 2021-11-02 14:03:19.105228 |