A flaw was found in squid. A denial of service attack is possible due to an improper input validation. The highest threat from this vulnerability is to system availability.

Mitigation

Add the no-digest option to all cache_peer lines in squid.conf

References

bugzilla.redhat.com/show_bug.cgi?id=1871705

github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg

nvd.nist.gov/vuln/detail/CVE-2020-24606

www.cve.org/CVERecord?id=CVE-2020-24606

ubuntucve 1

alpinelinux 1

osv 6

nvd 1

debiancve 1

openvas 19

prion 1

cvelist 1

cve 1

veracode 1

nessus 33

fedora 3

ubuntu 2

debian 3

amazon 2

mageia 1

suse 2

centos 1

redhat 2

cloudlinux 1

oraclelinux 2

rocky 1

almalinux 1

rosalinux 1

ibm 1

ubuntucve

CVE-2020-24606

2020-08-24 00:00:00

alpinelinux

CVE-2020-24606

2020-08-24 18:15:10

osv

CVE-2020-24606

2020-08-24 18:15:10

squid - security update

2020-08-27 00:00:00

squid3 - security update

2020-10-02 00:00:00

nvd

CVE-2020-24606

2020-08-24 18:15:10

debiancve

CVE-2020-24606

2020-08-24 18:15:10

openvas

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-2159)

2020-09-29 00:00:00

Squid Security Update Advisory SQUID-2020:9

2020-08-25 00:00:00

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-2399)

2020-11-04 00:00:00

prion

Design/Logic Flaw

2020-08-24 18:15:00

cvelist

CVE-2020-24606

2020-08-24 17:06:24

cve

CVE-2020-24606

2020-08-24 18:15:10

veracode

Denial Of Service (DoS)

2020-09-21 06:31:21

nessus

EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-2159)

2020-09-29 00:00:00

EulerOS 2.0 SP2 : squid (EulerOS-SA-2020-2399)

2020-11-03 00:00:00

EulerOS 2.0 SP5 : squid (EulerOS-SA-2020-2300)

2020-10-30 00:00:00

fedora

[SECURITY] Fedora 33 Update: squid-4.13-1.fc33

2020-09-25 17:06:35

[SECURITY] Fedora 32 Update: squid-4.13-1.fc32

2020-09-03 16:40:44

[SECURITY] Fedora 31 Update: squid-4.13-1.fc31

2020-09-03 16:27:17

ubuntu

Squid vulnerabilities

2020-08-27 00:00:00

Squid vulnerabilities

2020-09-28 00:00:00

debian

[SECURITY] [DSA 4751-1] squid security update

2020-08-27 13:05:31

[SECURITY] [DSA 4751-1] squid security update

2020-08-27 13:05:31

[SECURITY] [DLA 2394-1] squid3 security update

2020-10-02 16:29:55

amazon

Important: squid

2020-10-22 18:42:00

Important: squid

2020-11-16 17:59:00

mageia

Updated squid packages fix security vulnerabilities

2020-09-04 12:16:18

suse

Security update for squid (critical)

2020-09-07 00:00:00

Security update for squid (critical)

2020-09-05 00:00:00

centos

squid security update

2020-11-06 22:15:00

redhat

(RHSA-2020:4082) Important: squid security update

2020-09-30 00:17:14

(RHSA-2020:4743) Moderate: squid:4 security, bug fix, and enhancement update

2020-11-03 12:32:17

cloudlinux

Fix of CVE: CVE-2020-8517, CVE-2021-28651, CVE-2020-15049, CVE-2020-8449, CVE-2020-8450, CVE-2020-24606, CVE-2020-25097, CVE-2020-11945, CVE-2020-14058

2021-09-21 22:10:21

oraclelinux

squid security update

2020-10-08 00:00:00

squid:4 security, bug fix, and enhancement update

2020-11-10 00:00:00

rocky

squid:4 security, bug fix, and enhancement update

2020-11-03 12:32:17

almalinux

Moderate: squid:4 security, bug fix, and enhancement update

2020-11-03 12:32:17

rosalinux

Advisory ROSA-SA-2021-1976

2021-07-02 18:10:45

ibm

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

2022-04-15 21:36:47

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.013

Percentile

85.8%

JSON

Related for RH:CVE-2020-24606