Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. (CVE-2020-15810)
Régis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. (CVE-2020-15811)
Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. (CVE-2020-24606)
{ "binaries": [ { "binary_name": "squid", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squid-cgi", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squid-cgi-dbgsym", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squid-common", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squid-dbgsym", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squid-purge", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squid-purge-dbgsym", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squidclient", "binary_version": "4.10-1ubuntu1.2" }, { "binary_name": "squidclient-dbgsym", "binary_version": "4.10-1ubuntu1.2" } ], "availability": "No subscription required" }