UBUNTU-CVE-2024-45802

Source
https://ubuntu.com/security/CVE-2024-45802
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-45802.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-45802
Related
Published
2024-10-28T15:15:00Z
Modified
2024-11-07T16:33:31Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.

References

Affected packages

Ubuntu:Pro:16.04:LTS / squid3

Package

Name
squid3
Purl
pkg:deb/ubuntu/squid3?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.3.8-1ubuntu16
3.3.8-1ubuntu17
3.5.12-1ubuntu6
3.5.12-1ubuntu7
3.5.12-1ubuntu7.1
3.5.12-1ubuntu7.2
3.5.12-1ubuntu7.3
3.5.12-1ubuntu7.4
3.5.12-1ubuntu7.5
3.5.12-1ubuntu7.6
3.5.12-1ubuntu7.7
3.5.12-1ubuntu7.8
3.5.12-1ubuntu7.9
3.5.12-1ubuntu7.10
3.5.12-1ubuntu7.11
3.5.12-1ubuntu7.12
3.5.12-1ubuntu7.13
3.5.12-1ubuntu7.14
3.5.12-1ubuntu7.15
3.5.12-1ubuntu7.16
3.5.12-1ubuntu7.16+esm1
3.5.12-1ubuntu7.16+esm2
3.5.12-1ubuntu7.16+esm3
3.5.12-1ubuntu7.16+esm4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / squid3

Package

Name
squid3
Purl
pkg:deb/ubuntu/squid3?arch=src?distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.5.23-5ubuntu1
3.5.23-5ubuntu2
3.5.27-1ubuntu1
3.5.27-1ubuntu1.1
3.5.27-1ubuntu1.2
3.5.27-1ubuntu1.3
3.5.27-1ubuntu1.4
3.5.27-1ubuntu1.5
3.5.27-1ubuntu1.6
3.5.27-1ubuntu1.7
3.5.27-1ubuntu1.8
3.5.27-1ubuntu1.9
3.5.27-1ubuntu1.10
3.5.27-1ubuntu1.11
3.5.27-1ubuntu1.12
3.5.27-1ubuntu1.13
3.5.27-1ubuntu1.14
3.5.27-1ubuntu1.14+esm1
3.5.27-1ubuntu1.14+esm2
3.5.27-1ubuntu1.14+esm3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.8-1ubuntu2
4.8-1ubuntu3
4.9-2ubuntu1
4.9-2ubuntu2
4.9-2ubuntu3
4.9-2ubuntu4
4.10-1ubuntu1
4.10-1ubuntu1.1
4.10-1ubuntu1.2
4.10-1ubuntu1.3
4.10-1ubuntu1.4
4.10-1ubuntu1.5
4.10-1ubuntu1.6
4.10-1ubuntu1.7
4.10-1ubuntu1.8
4.10-1ubuntu1.9
4.10-1ubuntu1.10
4.10-1ubuntu1.11
4.10-1ubuntu1.12
4.10-1ubuntu1.13

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.13-10ubuntu5

5.*

5.2-1ubuntu1
5.2-1ubuntu3
5.2-1ubuntu4
5.2-1ubuntu4.1
5.2-1ubuntu4.2
5.2-1ubuntu4.3
5.7-0ubuntu0.22.04.1
5.7-0ubuntu0.22.04.2
5.7-0ubuntu0.22.04.3
5.7-0ubuntu0.22.04.4
5.9-0ubuntu0.22.04.1
5.9-0ubuntu0.22.04.2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.6-1ubuntu5
6.9-1ubuntu1
6.9-1ubuntu2
6.10-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.1-2ubuntu1
6.1-2ubuntu2
6.5-1ubuntu1
6.5-1ubuntu2
6.5-1ubuntu3
6.6-1ubuntu4
6.6-1ubuntu5
6.6-1ubuntu5.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}