Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-46784
HistoryDec 31, 2021 - 12:00 a.m.

CVE-2021-46784

2021-12-3100:00:00
ubuntu.com
ubuntu.com
28
cve-2021-46784
squid
buffer management
denial of service
gopher
unix

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.02

Percentile

88.9%

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to
improper buffer management, a Denial of Service can occur when processing
long Gopher server responses.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchsquid< 4.10-1ubuntu1.6UNKNOWN
ubuntu21.10noarchsquid< 4.13-10ubuntu5.1UNKNOWN
ubuntu22.04noarchsquid< 5.2-1ubuntu4.1UNKNOWN
ubuntu22.10noarchsquid< 5.2-1ubuntu5UNKNOWN
ubuntu23.04noarchsquid< 5.2-1ubuntu5UNKNOWN
ubuntu23.10noarchsquid< 5.2-1ubuntu5UNKNOWN
ubuntu24.04noarchsquid< 5.2-1ubuntu5UNKNOWN
ubuntu18.04noarchsquid3< 3.5.27-1ubuntu1.13UNKNOWN
ubuntu16.04noarchsquid3< anyUNKNOWN

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.02

Percentile

88.9%