3 matches found
EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1828)
According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This functi...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1666)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elemen...