5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.965 High
EPSS
Percentile
99.6%
The squid patches page notes:
This patch addresses a HTTP protocol mismatch related to oversized
reply headers. In addition it enhances the cache.log reporting on
reply header parsing failures to make it easier to track down which
sites are malfunctioning.
It is believed that this bug may lead to cache pollution or
allow access controls to be bypassed.