Описание
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.5.12-1ubuntu8 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [3.3.8-1ubuntu6.8]] |
| esm-infra/xenial | released | 3.5.12-1ubuntu7.2 |
| precise | released | 3.1.19-1ubuntu3.12.04.7 |
| trusty | released | 3.3.8-1ubuntu6.8 |
| trusty/esm | DNE | trusty was released [3.3.8-1ubuntu6.8] |
| upstream | released | 3.5.17-1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | released | 3.3.8-1ubuntu16.3 |
Показывать по
EPSS
4.3 Medium
CVSS2
3.7 Low
CVSS3
Связанные уязвимости
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to ...
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
EPSS
4.3 Medium
CVSS2
3.7 Low
CVSS3