squid-cache Squid 6.7

CPE Details

squid-cache Squid 6.7
squid-cache
squid
6.7
2025-01-09
12h52 +00:00
2025-01-09
12h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:squid-cache:squid:6.7:*:*:*:*:*:*:*

Informations

Vendor

squid-cache

Product

squid

Version

6.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-45802 2024-10-28 14h36 +00:00 Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.
7.5
High
CVE-2024-25111 2024-03-06 18h14 +00:00 Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid version 6.8. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. There is no workaround for this issue.
8.6
High