AZL-42871

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-42871.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-42871

Upstream

CVE-2024-37894

Published

2024-06-25T20:15:11Z

Modified

2026-04-01T05:14:52.852859Z

Summary

CVE-2024-37894 affecting package squid 5.7-5

Details

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-37894

Affected packages

Azure Linux:2 / squid

Package

Name: squid
Purl: pkg:rpm/azure-linux/squid

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.7-5

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-42871.json"