Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Tus
|
|
CPEs | cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Tus
|
Sat, 16 Nov 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux Redhat rhel Aus Redhat rhel E4s Redhat rhel Els Redhat rhel Eus |
|
CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.4 cpe:/o:redhat:rhel_els:7 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat rhel Aus Redhat rhel E4s Redhat rhel Els Redhat rhel Eus |
Tue, 05 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:* |
Tue, 29 Oct 2024 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Mon, 28 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Squid-cache
Squid-cache squid |
|
CPEs | cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:* | |
Vendors & Products |
Squid-cache
Squid-cache squid |
|
Metrics |
ssvc
|
Mon, 28 Oct 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. | |
Title | Squid Denial of Service | |
Weaknesses | CWE-20 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-10-28T14:36:13.297Z
Updated: 2024-10-28T14:48:42.415Z
Reserved: 2024-09-09T14:23:07.504Z
Link: CVE-2024-45802
Vulnrichment
Updated: 2024-10-28T14:48:37.033Z
NVD
Status : Analyzed
Published: 2024-10-28T15:15:04.857
Modified: 2024-11-05T16:45:52.027
Link: CVE-2024-45802
Redhat