squid: Multiple issues (CVE-2020-15810, CVE-2020-15811, CVE-2020-24606)| ID: oval:org.secpod.oval:def:1801752 | Date: (C)2020-12-23 (M)2024-02-08 |
| Class: PATCH | Family: unix |
Due to incorrect data validation Squid is vulnerable to HTTP Request Smuggling attacks against HTTP and HTTPS traffic. This leads to cache poisoning. Affected Versions: 2.5-3.5.28, 4.0-4.12, 5.0.1-5.0.3Due to incorrect data validation Squid is vulnerable to HTTP Request Splitting attacks against HTTP and HTTPS traffic. This leads to cache poisoning. Affected Versions: 2.7-3.5.28, 4.0-4.12, 5.0.1-5.0.3Due to Improper Input Validation Squid is vulnerable to a Denial of Service attack against the machine operating Squid. Affected Versions: 3.0-4.12, 5.0.1-5.0.3 Fixed Versions: 4.13, 5.0.4
| Platform: |
| Alpine Linux 3.10 |
| Alpine Linux 3.11 |
| Alpine Linux 3.12 |
| Alpine Linux 3.9 |
