An issue exists in Squid up to and including 4.13 and 5.x up to and including 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid-cache squid |
||
debian debian linux 10.0 |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |
||
netapp cloud manager - |