Updated: 2024-11-30 02:38:29.705115
Description:
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | MEDIUM | 5 |
CVSS Version 3.x | HIGH | 7.5 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 6 ELS | squid | 3.1.23 | 7.5 | HIGH | Released | CLSA-2021:1628782974 | 2022-05-05 12:00:32 | |
CentOS 6 ELS | squid34 | 3.4.14 | 7.5 | HIGH | Released | CLSA-2021:1632262221 | 2022-05-05 12:36:55 | |
CloudLinux 6 ELS | squid | 3.1.23 | 7.5 | HIGH | Released | 2021-12-09 07:57:07 | ||
CloudLinux 6 ELS | squid34 | 3.4.14 | 7.5 | HIGH | Released | 2021-12-09 07:57:07 | ||
Oracle Linux 6 ELS | squid | 3.1.23 | 7.5 | HIGH | Released | CLSA-2021:1634925554 | 2021-12-09 07:57:07 | |
Oracle Linux 6 ELS | squid34 | 3.4.14 | 7.5 | HIGH | Released | CLSA-2021:1634925634 | 2021-12-09 07:57:07 | |
Ubuntu 16.04 ELS | squid | 3.5.12-1 | 7.5 | HIGH | Not Vulnerable | 2021-12-09 07:57:07 |