Описание
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | released | 4.13-1ubuntu3 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | not-affected | 4.10-1ubuntu1.3 |
| focal | released | 4.10-1ubuntu1.3 |
| groovy | released | 4.13-1ubuntu2.1 |
| hirsute | released | 4.13-1ubuntu3 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.5.27-1ubuntu1.10 |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 3.5.27-1ubuntu1.10 |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | 3.5.12-1ubuntu7.16 |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| precise/esm | ignored | end of life, was needed |
Показывать по
EPSS
5 Medium
CVSS2
8.6 High
CVSS3
Связанные уязвимости
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. D ...
EPSS
5 Medium
CVSS2
8.6 High
CVSS3