CVE-2021-46784

Опубликовано: 17 июл. 2022

Источник: debian

EPSS Низкий

Описание

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
squid	fixed	5.6-1		package
squid3	removed			package

Примечания

https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w
https://github.com/squid-cache/squid/commit/780c4ea1b4c9d2fb41f6962aa6ed73ae57f74b2b (v4)
Squid 5: http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch
https://megamansec.github.io/Squid-Security-Audit/gopher-assert.html

EPSS

Процентиль: 92%

0.08289

Низкий

Связанные уязвимости

CVE-2021-46784

CVSS3: 6.5

ubuntu

около 3 лет назад

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

CVE-2021-46784

CVSS3: 7.5

redhat

около 3 лет назад

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

CVE-2021-46784

CVSS3: 6.5

nvd

около 3 лет назад

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

SUSE-SU-2022:2359-1

suse-cvrf

около 3 лет назад

Security update for squid

ROS-20220628-03

redos

около 3 лет назад

Уязвимость Squid

EPSS

Процентиль: 92%

0.08289

Низкий