Updated: 2022-05-25 15:43:25.671083
Description:
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4 |
| CVSS Version 3.x | MEDIUM | 6.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | squid34 | 3.4.14 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| CentOS 6 ELS | squid | 3.1.23 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| CentOS 8.4 ELS | squid | 4.11-4 | 6.5 | MEDIUM | Released | CLSA-2022:1646060698 | 2022-02-28 14:41:40 |
| CentOS 8.5 ELS | squid | 4.15-1 | 6.5 | MEDIUM | Not Vulnerable | 2022-02-17 12:11:05 | |
| CloudLinux 6 ELS | squid34 | 3.4.14 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| CloudLinux 6 ELS | squid | 3.1.23 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| Oracle Linux 6 ELS | squid | 3.1.23 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| Oracle Linux 6 ELS | squid34 | 3.4.14 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| Ubuntu 16.04 ELS | squid | 3.5.12-1 | 6.5 | MEDIUM | Ignored | 2021-11-02 14:03:20 | |
| Ubuntu 18.04 ELS | squid | 3.5.27-1 | 6.5 | MEDIUM | Needs Triage | 2023-03-06 07:38:20 |