CVE-2020-8449

Updated: 2024-11-30 02:38:29.705115

Description:

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS squid 3.1.23 7.5 HIGH Released CLSA-2021:1628782974 2022-05-05 12:00:32
CentOS 6 ELS squid34 3.4.14 7.5 HIGH Released CLSA-2021:1632262221 2022-05-05 12:36:55
CloudLinux 6 ELS squid 3.1.23 7.5 HIGH Released 2021-12-09 07:57:07
CloudLinux 6 ELS squid34 3.4.14 7.5 HIGH Released 2021-12-09 07:57:07
Oracle Linux 6 ELS squid 3.1.23 7.5 HIGH Released CLSA-2021:1634925554 2021-12-09 07:57:07
Oracle Linux 6 ELS squid34 3.4.14 7.5 HIGH Released CLSA-2021:1634925634 2021-12-09 07:57:07
Ubuntu 16.04 ELS squid 3.5.12-1 7.5 HIGH Not Vulnerable 2021-12-09 07:57:07