8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.5%
Squid is vulnerable to Denial of Service via HTTP Chunked Decoder. The vulnerability is due to an uncontrolled recursion bug in the HTTP Chunked decoder in Squid. This bug allows a remote attacker to cause Denial of Service by sending a crafted, chunked, encoded HTTP message.
www.squid-cache.org/Versions/v6/SQUID-2024_1.patch
github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc
lists.fedoraproject.org/archives/list/[email protected]/message/7R4KPSO3MQT3KAOZV7LC2GG3CYMCGK7H/
lists.fedoraproject.org/archives/list/[email protected]/message/XWQHRDRHDM5PQTU6BHH4C5KGL37X6TVI/
security-tracker.debian.org/tracker/CVE-2024-25111
security.netapp.com/advisory/ntap-20240605-0001/
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.5%