Denial of Service Vulnerability in Squid Proxy Server by Squid Software
CVE-2021-28651

7.5HIGH

Key Information:

Vendor: Squid-cache
Status: Squid
Vendor: CVE Published:; 27 May 2021

🔔 Create Squid-cache Vulnerability Alert

What is CVE-2021-28651?

A vulnerability has been identified in Squid Proxy Server that can lead to a denial of service due to a buffer-management issue. When processing requests that use the 'urn:' scheme, an incorrect memory handling approach allows for a minor memory leak. Even more concerning, there is an unreported method of attack that can trigger significant memory consumption, potentially impacting the server's performance and availability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://bugs.squid-cache.org/show_bug.cgi?id=5104

https://github.com/squid-cache/squid/security/advisories/...

https://www.debian.org/security/2021/dsa-4924

vendor-advisory

EPSS Score

6% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 27, 2021
Vulnerability Reserved
Mar 17, 2021

JSON

Squid-cache

What is CVE-2021-28651?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.