CVE-2024-45802

Опубликовано: 28 окт. 2024

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.5

Описание

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.

Релиз	Статус	Примечание
devel	not-affected	6.13-1ubuntu1
esm-infra/focal	ignored	see notes
focal	ignored	end of standard support, was ignored [see notes]
jammy	ignored	see notes
noble	ignored	see notes
oracular	ignored	end of life, was ignored [see notes]
plucky	not-affected	6.13-1ubuntu1
upstream	released	6.12-1

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra/bionic	needs-triage
esm-infra/focal	DNE
esm-infra/xenial	needs-triage
focal	DNE
jammy	DNE
noble	DNE
oracular	DNE
plucky	DNE
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 67%

0.00549

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2024-45802

CVSS3: 7.5

redhat

10 месяцев назад

CVE-2024-45802

CVSS3: 7.5

nvd

10 месяцев назад

CVE-2024-45802

CVSS3: 7.5

debian

10 месяцев назад

Squid is an open source caching proxy for the Web supporting HTTP, HTT ...

ELSA-2024-9738

oracle-oval

9 месяцев назад

ELSA-2024-9738: squid security update (IMPORTANT)

ELSA-2024-9625

oracle-oval

9 месяцев назад

ELSA-2024-9625: squid security update (IMPORTANT)

EPSS

Процентиль: 67%

0.00549

Низкий

7.5 High

CVSS3

CVE-2024-45802

Описание

Пакет squid

Пакет squid3

Ссылки на источники

Связанные уязвимости