CVE-2020-8449
CVE-2020-8449
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.htmlhttps://lists.debian.org/debian-lts-announce/2020/07/msg00009.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/https://security.gentoo.org/glsa/202003-34https://security.netapp.com/advisory/ntap-20210304-0002/https://usn.ubuntu.com/4289-1/https://www.debian.org/security/2020/dsa-4682http://www.squid-cache.org/Advisories/SQUID-2020_1.txthttp://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patchhttp://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch