RHSA-2020:4743MediumCVSS 8.5

Red Hat Security Advisory: squid:4 security, bug fix, and enhancement update

Published
November 4, 2020
Last Modified
June 29, 2026

🔗 CVE IDs covered (18)

📋 Description

CVE-2019-12520 — squid: Improper input validation in request allows for proxy manipulation CVE-2019-12521 — squid: Off-by-one error in addStackElement allows for heap buffer overflow and crash CVE-2019-12523 — squid: Improper input validation in URI processor CVE-2019-12524 — squid: Improper access restriction in url_regex may lead to security bypass CVE-2019-12526 — squid: Heap overflow issue in URN processing CVE-2019-12528 — squid: Information Disclosure issue in FTP Gateway CVE-2019-12529 — squid: Out of bounds read in Proxy-Authorization header causes DoS CVE-2019-12854 — squid: Denial of service in cachemgr.cgi CVE-2019-18676 — squid: Buffer overflow in URI processor CVE-2019-18677 — squid: Cross-Site Request Forgery issue in HTTP Request processing CVE-2019-18678 — squid: HTTP Request Splitting issue in HTTP message processing CVE-2019-18679 — squid: Information Disclosure issue in HTTP Digest Authentication CVE-2019-18860 — squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour CVE-2020-8449 — squid: Improper input validation issues in HTTP Request processing CVE-2020-8450 — squid: Buffer overflow in reverse-proxy configurations CVE-2020-14058 — squid: DoS in TLS handshake CVE-2020-15049 — squid: Request smuggling and poisoning attack against the HTTP cache CVE-2020-24606 — squid: Improper input validation could result in a DoS

🔗 References (22)