Количество 14
Количество 14
BDU:2021-01748
Уязвимость заголовка запросов прокси-сервера Squid, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю оказать воздействие на целостность данных
CVE-2019-18678
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18678
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18678
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18678
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows at ...
GHSA-jvgf-c7c2-w98p
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
SUSE-SU-2019:3067-1
Security update for squid
SUSE-SU-2020:0661-1
Security update for squid
openSUSE-SU-2019:2541-1
Security update for squid
openSUSE-SU-2019:2540-1
Security update for squid
SUSE-SU-2019:2975-1
Security update for squid
RLSA-2020:4743
Moderate: squid:4 security, bug fix, and enhancement update
ELSA-2020-4743
ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2020:14460-1
Security update for squid3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2021-01748 Уязвимость заголовка запросов прокси-сервера Squid, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю оказать воздействие на целостность данных | CVSS2: 5 | 13% Средний | больше 5 лет назад |
 | CVE-2019-18678 An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon. | CVSS3: 5.3 | 13% Средний | больше 5 лет назад |
 | CVE-2019-18678 An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon. | CVSS3: 6.8 | 13% Средний | больше 5 лет назад |
 | CVE-2019-18678 An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon. | CVSS3: 5.3 | 13% Средний | больше 5 лет назад |
| CVE-2019-18678 An issue was discovered in Squid 3.x and 4.x through 4.8. It allows at ... | CVSS3: 5.3 | 13% Средний | больше 5 лет назад |
| GHSA-jvgf-c7c2-w98p An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon. | 13% Средний | около 3 лет назад | |
 | SUSE-SU-2019:3067-1 Security update for squid | больше 5 лет назад | ||
| SUSE-SU-2020:0661-1 Security update for squid | больше 5 лет назад | ||
| openSUSE-SU-2019:2541-1 Security update for squid | больше 5 лет назад | ||
| openSUSE-SU-2019:2540-1 Security update for squid | больше 5 лет назад | ||
| SUSE-SU-2019:2975-1 Security update for squid | больше 5 лет назад | ||
 | RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update | больше 4 лет назад | ||
| ELSA-2020-4743 ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE) | больше 4 лет назад | ||
| SUSE-SU-2020:14460-1 Security update for squid3 | почти 5 лет назад |
Уязвимостей на страницу