Описание
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.5.12-1ubuntu9 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.3.8-1ubuntu6.8]] |
| esm-infra/xenial | released | 3.5.12-1ubuntu7.3 |
| precise | not-affected | 3.1.19-1ubuntu3.12.04.7 |
| trusty | not-affected | 3.3.8-1ubuntu6.8 |
| trusty/esm | DNE | trusty was not-affected [3.3.8-1ubuntu6.8] |
| upstream | released | 3.5.23-1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 3.5.12-1ubuntu7.3 |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 t ...
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
5 Medium
CVSS2
7.5 High
CVSS3