Описание
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Patch
- Patch
- Patch
- Patch
- Patch
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
8.6 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypas ...
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
EPSS
8.6 High
CVSS3
5 Medium
CVSS2