Information Disclosure

2020-08-0621:32:19

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.009 Low

EPSS

Percentile

83.1%

JSON

Squid is vulnerable to information disclosure. An issue was discovered in Squid allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users’ sessions or non-Squid processes.

CPENameOperatorVersion
squideq3.5.27-r3
squid:3.10eq4.8-r1
squid:3.11eq4.9-r0
squid3:xenialeq3.5.12-1ubuntu7
squid3:bioniceq3.5.27-1ubuntu1
squid:eoaneq4.8-1ubuntu2
squideq3.5.20__15.el7_8.1
squideq3.5.20__15.el7
squideq3.5.20__12.el7_6.1
squid3:stretcheq3.5.23-5+deb9u1

Name	Operator	Version
squid	eq	3.5.27-r3
squid:3.10	eq	4.8-r1
squid:3.11	eq	4.9-r0
squid3:xenial	eq	3.5.12-1ubuntu7
squid3:bionic	eq	3.5.27-1ubuntu1
squid:eoan	eq	4.8-1ubuntu2
squid	eq	3.5.20__15.el7_8.1
squid	eq	3.5.20__15.el7
squid	eq	3.5.20__12.el7_6.1
squid3:stretch	eq	3.5.23-5+deb9u1