Overview
- Description
- Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- security-advisories@github.com
- CWE-20
Social media
- Hype score
- Not currently trending
quid プロキシ・サーバの DoS 脆弱性 CVE-2024-45802(CVSS 7.5) が FIX:直ちにアップデートを! https://t.co/RHXuuSFAcx #DoS #ESI #MisConfiguration #OpenSource #ProxyServer #Squid
@iototsecnews
7 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A new Denial-of-Service vulnerability has been discovered in Squid Proxy Server, labeled CVE-2024-45802. Stay informed and ensure your systems are protected. 🔒 Critical DoS vulnerability in Squid affects versions 3.0-6.9 when ESI is enabled. Update to 6.10 or disable ESI for
@bt0s3c
30 Oct 2024
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Denial-of-Service Vulnerability Found in #Squid Proxy Server (CVE-2024-45802) https://t.co/sZ6InnPz7f #infosec
@dacbarbos
30 Oct 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Squid Proxy vulnerable to CVE-2024-45802 DoS attacks #SquidProxy #CVE-2024-45802 #DenialofAttack https://t.co/NL0ORnqXW1
@pravin_karthik
30 Oct 2024
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2024-45802 (CVSS: 7.5) : Denial-of-Service Vulnerability Found in Squid Proxy Server ⚠️Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service…
@zoomeye_team
30 Oct 2024
444 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Denial-of-Service Vulnerability Found in Squid Proxy Server (CVE-2024-45802) Find out how CVE-2024-45802, a #DoS #vulnerability, impacts #Squid, the popular caching proxy server. Stay informed to protect your system. https://t.co/uAsUWqbISh
@the_yellow_fall
30 Oct 2024
2537 Impressions
9 Retweets
31 Likes
6 Bookmarks
0 Replies
0 Quotes
CVE-2024-45802 Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resou... https://t.co/VE3PrdvIGn
@VulmonFeeds
28 Oct 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45802 Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifeti… https://t.co/qJQ9VVfYwd
@CVEnew
28 Oct 2024
297 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "269E064C-AAF8-4A48-BBAB-76A37C1A0684",
"versionEndExcluding": "6.10",
"versionStartIncluding": "3.0"
}
],
"operator": "OR"
}
]
}
]