Lucene search
HistoryJun 25, 2024 - 8:15 p.m.
CVE-2024-37894
squid proxy
out-of-bounds write
denial of service
memory corruption
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack.
Related
cvelist
cvelist
CVE-2024-37894 Squid vulnerable to heap corruption in ESI assign
2024-06-25 19:39:02
vulnrichment
vulnrichment
CVE-2024-37894 Squid vulnerable to heap corruption in ESI assign
2024-06-25 19:39:02
alpinelinux
alpinelinux
CVE-2024-37894
2024-06-25 20:15:11
debiancve
debiancve
CVE-2024-37894
2024-06-25 20:15:11
cve
cve
CVE-2024-37894
2024-06-25 20:15:11
openvas
openvas
Squid DoS Vulnerability (GHSA-wgvf-q977-9xjg, SQUID-2024:3)
2023-10-20 00:00:00
redhatcve
redhatcve
CVE-2024-37894
2024-06-26 01:21:26
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for NVD:CVE-2024-37894