Lucene search

K
debianDebianDEBIAN:DLA-1847-1:2B931
HistoryJul 07, 2019 - 8:11 p.m.

[SECURITY] [DLA 1847-1] squid3 security update

2019-07-0720:11:10
lists.debian.org
203

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

8.5 High

AI Score

Confidence

High

0.942 High

EPSS

Percentile

99.2%

Package : squid3
Version : 3.4.8-6+deb8u7
CVE ID : CVE-2019-13345
Debian Bug : #931478

It was discovered that there were multiple cross-site scripting
vulnerabilities in the squid3 caching proxy server.

For Debian 8 "Jessie", these issues have been fixed in squid3
version 3.4.8-6+deb8u7.

We recommend that you upgrade your squid3 packages.

Regards,


  ,''`.
 : :'  :     Chris Lamb
 `. `'`      [email protected] / chris-lamb.co.uk
   `-

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

8.5 High

AI Score

Confidence

High

0.942 High

EPSS

Percentile

99.2%