Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-31808

Опубликовано: 27 мая 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4
CVSS3: 6.5

Описание

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

РелизСтатусПримечание
bionic

DNE

devel

released

4.13-10ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

4.10-1ubuntu1.4
focal

released

4.10-1ubuntu1.4
groovy

released

4.13-1ubuntu2.2
hirsute

released

4.13-1ubuntu4.1
impish

released

4.13-10ubuntu1
jammy

released

4.13-10ubuntu1
kinetic

released

4.13-10ubuntu1

Показывать по

РелизСтатусПримечание
bionic

released

3.5.27-1ubuntu1.11
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

3.5.27-1ubuntu1.11
esm-infra/focal

DNE

esm-infra/xenial

needed

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 50%
0.0027
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-31808

CVSS3: 6.5
redhat
около 4 лет назад

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

nvd логотип

CVE-2021-31808

CVSS3: 6.5
nvd
около 4 лет назад

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

debian логотип

CVE-2021-31808

CVSS3: 6.5
debian
около 4 лет назад

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ...

github логотип

GHSA-hx5h-cw5j-ghcr

CVSS3: 6.5
github
около 3 лет назад

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

fstec логотип

BDU:2021-02728

CVSS3: 6.5
fstec
около 4 лет назад

Уязвимость прокси-сервера Squid, существующая из-за недостаточной проверки введенных пользователем данных при доставке ответов на запросы диапазона HTTP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 50%
0.0027
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3