Количество 13
Количество 13
BDU:2021-01724
Уязвимость механизма обработки элементов ESI прокси-сервера Squid, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2019-12521
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12521
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12521
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12521
An issue was discovered in Squid through 4.7. When Squid is parsing ES ...
GHSA-7mv4-9v7r-5gq3
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
SUSE-SU-2020:1227-1
Security update for squid
openSUSE-SU-2020:0623-1
Security update for squid
SUSE-SU-2020:1156-1
Security update for squid
SUSE-SU-2020:1134-1
Security update for squid
RLSA-2020:4743
Moderate: squid:4 security, bug fix, and enhancement update
ELSA-2020-4743
ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2020:14460-1
Security update for squid3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2021-01724 Уязвимость механизма обработки элементов ESI прокси-сервера Squid, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 0% Низкий | около 5 лет назад |
 | CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing. | CVSS3: 5.9 | 0% Низкий | около 5 лет назад |
 | CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing. | CVSS3: 5.9 | 0% Низкий | около 5 лет назад |
 | CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing. | CVSS3: 5.9 | 0% Низкий | около 5 лет назад |
| CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ES ... | CVSS3: 5.9 | 0% Низкий | около 5 лет назад |
| GHSA-7mv4-9v7r-5gq3 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing. | 0% Низкий | около 3 лет назад | |
 | SUSE-SU-2020:1227-1 Security update for squid | около 5 лет назад | ||
| openSUSE-SU-2020:0623-1 Security update for squid | около 5 лет назад | ||
| SUSE-SU-2020:1156-1 Security update for squid | около 5 лет назад | ||
| SUSE-SU-2020:1134-1 Security update for squid | около 5 лет назад | ||
 | RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update | больше 4 лет назад | ||
| ELSA-2020-4743 ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE) | больше 4 лет назад | ||
| SUSE-SU-2020:14460-1 Security update for squid3 | почти 5 лет назад |
Уязвимостей на страницу