An issue exists in Squid 4.x prior to 4.15 and 5.x prior to 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid-cache squid |
||
debian debian linux 10.0 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |