Updated: 2024-11-30 04:18:07.335715
Description:
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | MEDIUM | 5.3 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | squid | 5.5 | 5.3 | MEDIUM | Needs Triage | 2024-11-25 11:46:30 | ||
CentOS 6 ELS | squid | 3.1.23 | 5.3 | MEDIUM | Ignored | 2023-12-07 04:09:42 | ||
CentOS 6 ELS | squid34 | 3.4.14 | 5.3 | MEDIUM | Ignored | 2023-11-14 02:26:05 | ||
CentOS 8.4 ELS | squid | 4.11-4 | 5.3 | MEDIUM | Released | CLSA-2023:1700211046 | 2023-11-17 04:09:17 | |
CentOS 8.5 ELS | squid | 4.15-1 | 5.3 | MEDIUM | Released | CLSA-2023:1700161280 | 2023-11-16 16:12:45 | |
CloudLinux 6 ELS | squid | 3.1.23 | 5.3 | MEDIUM | Ignored | 2023-12-07 04:09:42 | ||
CloudLinux 6 ELS | squid34 | 3.4.14 | 5.3 | MEDIUM | Ignored | 2023-11-14 02:26:05 | ||
Oracle Linux 6 ELS | squid | 3.1.23 | 5.3 | MEDIUM | Ignored | 2023-12-07 04:09:42 | ||
Oracle Linux 6 ELS | squid34 | 3.4.14 | 5.3 | MEDIUM | Ignored | 2023-11-14 02:26:05 | ||
Ubuntu 16.04 ELS | squid | 3.5.12-1 | 5.3 | MEDIUM | Ignored | 2023-12-07 04:09:42 |