Actions
Bug #14926
closed
Squid Proxy contains critical vulnerabilities
Status:
Rejected
Priority:
Urgent
Assignee:
-
Category:
Squid
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
2.7.0
Affected Plus Version:
Affected Architecture:
All
Description
Squid 5.8 (shipped by the current pfSense package) is affected by the following vulnerabilities:
Critical:- SQUID-2023:1 Request/Response smuggling in HTTP/1.1 and ICAP
- SQUID-2023:2 Multiple issues in HTTP response caching
- SQUID-2023:3 Denial of Service in HTTP Digest Authentication
These vulnerabilities are patched in Squid 6.4.
Updated by 
Updated by
Actions