vulnerability
Oracle Linux: CVE-2021-31806: ELSA-2021-4292: squid:4 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | May 10, 2021 | Sep 25, 2021 | Dec 3, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
May 10, 2021
Added
Sep 25, 2021
Modified
Dec 3, 2025
Description
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
An incorrect input validation flaw was found in Squid, where it is vulnerable to a denial of service attack against all clients using the proxy. The highest threat from this vulnerability is to system availability.
An incorrect input validation flaw was found in Squid, where it is vulnerable to a denial of service attack against all clients using the proxy. The highest threat from this vulnerability is to system availability.
Solutions
oracle-linux-upgrade-libecaporacle-linux-upgrade-libecap-develoracle-linux-upgrade-squidoracle-linux-upgrade-squid-migration-scriptoracle-linux-upgrade-squid-sysvinit
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.