An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid-cache squid 2.7 |
||
squid-cache squid |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 19.04 |
||
canonical ubuntu linux 19.10 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |