References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

GitHub, Inc. https://security.netapp.com/advisory/ntap-20240322-0006/ [No types assigned]

GitHub, Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

GitHub, Inc. CWE-182

GitHub, Inc. CWE-400

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote client or a remote server to perform Denial of Service when sending oversized headers in HTTP messages. In versions of Squid prior to 6.5 this can be achieved if the request_header_max_size or reply_header_max_size settings are unchanged from the def

GitHub, Inc. https://github.com/squid-cache/squid/commit/72a3bbd5e431597c3fdb56d752bc56b010ba3817 [No types assigned]

GitHub, Inc. https://github.com/squid-cache/squid/security/advisories/GHSA-h5x6-w8mv-xfpr [No types assigned]