Описание
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | released | 4.13-10ubuntu5 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | not-affected | 4.10-1ubuntu1.5 |
| focal | released | 4.10-1ubuntu1.5 |
| groovy | ignored | end of life |
| hirsute | released | 4.13-1ubuntu4.2 |
| impish | released | 4.13-10ubuntu5 |
| jammy | released | 4.13-10ubuntu5 |
| kinetic | released | 4.13-10ubuntu5 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.5.27-1ubuntu1.12 |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 3.5.27-1ubuntu1.12 |
| esm-infra/focal | DNE | |
| esm-infra/xenial | needed | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
3.7 Low
CVSS3
Связанные уязвимости
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allo ...
4.3 Medium
CVSS2
3.7 Low
CVSS3