Squid vulnerable to Denial of Service attacks due to security bugs
CVE-2024-45802

7.5HIGH

Key Information:

Vendor: Squid-cache
Status: Squid
Vendor: CVE Published:; 28 October 2024

🔔 Create Squid-cache Vulnerability Alert

What is CVE-2024-45802?

The Squid Proxy is an open-source caching solution that facilitates web traffic management for various protocols such as HTTP, HTTPS, and FTP. A vulnerability exists that arises from improper input validation and issues related to resource management. Specifically, the vulnerability permits a trusted server to exploit these weaknesses, thereby potentially launching Denial of Service attacks against all clients utilizing the Squid Proxy. This can disrupt services and degrade the overall performance of the proxy server, affecting the reliability of web traffic management. The issue has been rectified in the default build configuration of Squid version 6.10.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

squid >= 3.0, < 6.10

References

https://github.com/squid-cache/squid/security/advisories/...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2024
Vulnerability Reserved
Sep 9, 2024

JSON

Squid-cache

What is CVE-2024-45802?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.