Описание
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingVendor Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingVendor Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ...
Уязвимость прокси-сервера Squid, существующая из-за недостаточной проверки ввода при разрешении идентификаторов ресурсов «urn:», позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3
5 Medium
CVSS2