
82 matches found

OSV
added 2021/05/27 1:15 p.m. | 28 views

CVE-2021-31806

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack against all clients using the proxy via HTTP Range request processing...

6.5 CVSS | 6.3 AI score
Exploits: 0 | References: 9

UbuntuCve
added 2021/05/27 1:15 p.m. | 35 views

CVE-2021-31806

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack against all clients using the proxy via HTTP Range request processing...

6.5 CVSS | 6.9 AI score | 0.95785 EPSS
Exploits: 2 | References: 3

Prion
added 2021/05/27 1:15 p.m. | 59 views

Cross site request forgery (csrf)

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack against all clients using the proxy via HTTP Range request processing...

4 CVSS | 6.7 AI score | 0.95785 EPSS
Exploits: 2 | References: 9 | Affected Software: 3

OSV
added 2021/05/27 1:15 p.m. | 0 views

UBUNTU-CVE-2021-31806

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack against all clients using the proxy via HTTP Range request processing...

6.5 CVSS | 7.1 AI score | 0.95785 EPSS
Exploits: 2 | References: 4

Cvelist
added 2021/05/27 12:0 a.m. | 25 views

CVE-2021-31806

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack against all clients using the proxy via HTTP Range request processing...

7 AI score | 0.95785 EPSS
Exploits: 2 | References: 9

CVE
added 2021/05/27 12:0 a.m. | 262 views

CVE-2021-31808

CVE-2021-31808 affects Squid before 4.15 and 5.x before 5.0.6. It stems from an input-validation bug in HTTP Range handling that can be exploited to cause a Denial of Service against all clients using the proxy. Affected component: Squid’s HTTP Range request processing. Impact: availability degra...

6.5 CVSS | 6.6 AI score | 0.05492 EPSS
Exploits: 1 | References: 9 | Affected Software: 1

CVE
added 2021/05/27 12:0 a.m. | 346 views

CVE-2021-31806

CVE-2021-31806 is a memory-management bug in Squid’s HTTP Range request processing that enables a Denial of Service against all clients using the proxy. Affected are Squid releases before 4.15 and 5.x before 5.0.6. Public advisories and vendor/procurer notes corroborate impact as DoS (not informa...

6.5 CVSS | 6.7 AI score | 0.95785 EPSS
Exploits: 2 | References: 9 | Affected Software: 1

AlpineLinux
added 2021/05/27 12:0 a.m. | 38 views

CVE-2021-31808

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack against all clients using the proxy. A client sends an HTTP Range request to trigger this...

6.5 CVSS | 7 AI score | 0.05492 EPSS
Exploits: 1

CNNVD
added 2021/05/10 12:0 a.m. | 2 views

Squid input validation error vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. An input validation error vulnerability exists in Squid. The vulnerability arises from insufficient validation of...

6.5 CVSS | 7 AI score | 0.05492 EPSS
Exploits: 1 | References: 21

IBM Security Bulletins
added 2019/05/03 8:50 p.m. | 28 views

Security Bulletin: Vulnerability in Pivotal Spring Framework affects IBM TRIRIGA Application Platform (CVE-2018-15786)

Summary Pivotal Spring Framework, used by IBM TRIRIGA Application Platform, is vulnerable to a denial of service, caused by improper handling of range request by the ResourceHttpRequestHandler. Vulnerability Details CVEID: CVE-2018-15756 DESCRIPTION: Pivotal Spring Framework is vulnerable to a...

7.5 CVSS | 0.8 AI score | 0.09513 EPSS
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/02/28 5:15 a.m. | 39 views

Security Bulletin: FileNet CMIS (FNCMIS) leveraging Spring Framework is vulnerable to a denial of service caused by improper handling of range request by the ResourceHttpRequestHandler

Summary FileNet Content Management Interoperability Services CMIS, which ships with IBM Content Navigator, is affected by the following vulnerability: Spring Framework’s improper handling of ResourceHttpRequestHandler could result in denial of service condition. Vulnerability Details CVE-ID:...

7.5 CVSS | 0.6 AI score | 0.09513 EPSS
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/02/22 5:15 a.m. | 41 views

Security Bulletin: Public disclosed vulnerability from Spring Framework affects IBM Spectrum LSF Explorer

Summary Public disclosed vulnerability from Spring Framework affects IBM Spectrum LSF Explorer Vulnerability Details CVE-ID:CVE-2018-15756 Description: Pivotal Spring Framework is vulnerable to a denial of service, caused by improper handling of range request by the ResourceHttpRequestHandler. By...

7.5 CVSS | 0.4 AI score | 0.09513 EPSS
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/02/22 5:15 a.m. | 30 views

Security Bulletin: Public disclosed vulnerability from Spring Framework affects IBM Spectrum LSF Application Center

Summary Public disclosed vulnerability from Spring Framework affects IBM Spectrum LSF Application Center Vulnerability Details CVE-ID:CVE-2018-15756 Description: Pivotal Spring Framework is vulnerable to a denial of service, caused by improper handling of range request by the...

7.5 CVSS | 0.4 AI score | 0.09513 EPSS
Exploits: 0 | Affected Software: 1

OpenVAS
added 2018/08/30 12:0 a.m. | 28 views

Apache Traffic Server (ATS) Multiple Vulnerabilities (Aug 2018)

Apache Traffic Server ATS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5 CVSS | 6.2 AI score | 0.08589 EPSS
Exploits: 0 | References: 4

Prion
added 2018/08/29 1:29 p.m. | 14 views

Design/Logic Flaw

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

5 CVSS | 5.4 AI score | 0.06895 EPSS
Exploits: 0 | References: 5 | Affected Software: 2

UbuntuCve
added 2018/08/29 1:29 p.m. | 22 views

CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

5.3 CVSS | 6.4 AI score | 0.06895 EPSS
Exploits: 0 | References: 5

Cvelist
added 2018/08/29 1:0 p.m. | 25 views

CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

6.1 AI score | 0.06895 EPSS
Exploits: 0 | References: 5

CVE
added 2018/08/29 1:0 p.m. | 73 views

CVE-2018-8005

CVE-2018-8005 affects Apache Traffic Server (ATS). When a range request contains multiple ranges, ATS reads the entire object from cache, causing potential performance degradation for large cached objects. Affected versions are 6.0.0–6.2.2 and 7.0.0–7.1.3. Mitigation: upgrade to 6.2.3 or later fo...

5.3 CVSS | 6 AI score | 0.06895 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

NVD
added 2016/05/25 1:59 a.m. | 21 views

CVE-2016-1381

Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via an HTTP file-range request for cached content, aka Bug ID CSCuw97270...

7.8 CVSS | 7.5 AI score | 0.01389 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2016/05/23 12:0 a.m. | 18 views

Cisco WSA Multiple Vulnerabilities 05/16

Cisco WSA Software is prone to multiple vulnerabilities. CVE-2016-1380 A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS vulnerability due to the...

7.8 CVSS | 7.7 AI score | 0.01931 EPSS
Exploits: 0 | References: 4