Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. (CVE-2020-15810)
Régis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. (CVE-2020-15811)
Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. (CVE-2020-24606)
{ "availability": "No subscription required", "binaries": [ { "squid": "4.10-1ubuntu1.2", "squid-common": "4.10-1ubuntu1.2", "squid-cgi": "4.10-1ubuntu1.2", "squidclient": "4.10-1ubuntu1.2", "squid-purge": "4.10-1ubuntu1.2", "squid-cgi-dbgsym": "4.10-1ubuntu1.2", "squidclient-dbgsym": "4.10-1ubuntu1.2", "squid-purge-dbgsym": "4.10-1ubuntu1.2", "squid-dbgsym": "4.10-1ubuntu1.2" } ] }