Lucene search

CloudLinuxCLSA-2022:1665501369

HistoryOct 11, 2022 - 3:16 p.m.

Fixed CVE-2022-41318 in squid

2022-10-1115:16:09

repo.cloudlinux.com

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

38.2%

JSON

CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication

OSVersionArchitecturePackageVersionFilename
Centos6x86_64squid< 3.1.23squid-3.1.23-30.el6.tuxcare.els7.src.rpm

OS	Version	Architecture	Package	Version	Filename
Centos	6	x86_64	squid	< 3.1.23	squid-3.1.23-30.el6.tuxcare.els7.src.rpm

References

errata.cloudlinux.com/els6/CLSA-2022-1665501369.html

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

38.2%

JSON

Related for CLSA-2022:1665501369