Download
| Alert*
|
oval:org.secpod.oval:def:1601721
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because u ... oval:org.secpod.oval:def:1701344 An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because u ... oval:org.secpod.oval:def:97542 [CLSA-2021:1629902677] Fixed CVEs in squid: CVE-2020-14058, CVE-2020-15049 oval:org.secpod.oval:def:97559 [CLSA-2021:1632262221] Fixed 9 CVEs in squid34 oval:org.secpod.oval:def:1505298 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:504724 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid . Security Fix: * squid: Improper input validation in request allows for proxy manipulation * squid: Off-by- ... oval:org.secpod.oval:def:2500091 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. oval:org.secpod.oval:def:68001 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid . Security Fix: * squid: Improper input validation in request allows for proxy manipulation * squid: Off-by- ... |
