CVE-2019-12520

🗓️ 15 Apr 2020 19:14:25Reported by mitreType

An issue discovered in Squid through 4.7 and 5 allows attackers to serve up unauthorized responses via specially crafted absolute URLs

Reporter	Title	Published	Views	Family All 76
Tenable Nessus	Amazon Linux 2 : squid (ALASSQUID4-2023-009)	27 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : squid (ALASSQUID4-2023-010)	6 Oct 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0124: squid:4 (ALINUX3-SA-2022:0124)	14 May 202500:00	–	nessus
Tenable Nessus	CentOS 8 : squid:4 (CESA-2020:4743)	1 Feb 202100:00	–	nessus
Tenable Nessus	Debian DSA-4682-1 : squid - security update	11 May 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1884)	28 Aug 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : squid (EulerOS-SA-2020-2399)	3 Nov 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : squid (EulerOS-SA-2022-1766)	26 May 202200:00	–	nessus
Tenable Nessus	MiracleLinux 8 : squid:4 (AXSA:2021-1405:01)	20 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 8 : squid:4 (ELSA-2020-4743)	7 Sep 202300:00	–	nessus

NVD

Node

Node

Node

Source	Link
security	www.security.netapp.com/advisory/ntap-20210205-0006/
squid-cache	www.squid-cache.org/Versions/v4/changesets/
lists	www.lists.debian.org/debian-lts-announce/2020/07/msg00009.html
squid-cache	www.squid-cache.org/Versions/v4/
gitlab	www.gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12520.txt
github	www.github.com/squid-cache/squid/commits/v4
usn	www.usn.ubuntu.com/4446-1/
debian	www.debian.org/security/2020/dsa-4682

21 Nov 2024 04:23Current

8.3High risk

Vulners AI Score8.3

CVSS 25

CVSS 3.17.5

EPSS0.06184