vulnerability
CentOS Linux: CVE-2021-28652: Moderate: squid:4 security, bug fix, and enhancement update (CESA-2021:4292)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | May 27, 2021 | Nov 10, 2021 | May 25, 2023 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
May 27, 2021
Added
Nov 10, 2021
Modified
May 25, 2023
Description
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.
Solution(s)
centos-upgrade-libecapcentos-upgrade-libecap-debuginfocentos-upgrade-libecap-debugsourcecentos-upgrade-libecap-develcentos-upgrade-squidcentos-upgrade-squid-debuginfocentos-upgrade-squid-debugsource
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.