Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:HSquid Cache Squid
APPSquid-Cache< 6.4
Related vulnerabilities
Squid: Use-After-Free w obsłudze ruchu ICP umożliwia atak DoS
Squid: ujawnienie danych uwierzytelniających HTTP przez błędy obsługi
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to...
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Reque...
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication no...