Описание
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 3.5.23-5ubuntu1 |
| devel | not-affected | 3.5.23-5ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| esm-infra/xenial | not-affected | 3.5.12-1ubuntu7.5 |
| precise | ignored | |
| precise/esm | ignored | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 3.5.16 |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds ...
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
ELSA-2016-2600: squid security, bug fix, and enhancement update (MODERATE)
EPSS
5 Medium
CVSS2
7.5 High
CVSS3