AVG-1146 log

Package squid
Status Vulnerable
Severity Critical
Type multiple issues
Affected 4.10-2
Fixed Unknown
Current 4.10-2 [community]
Ticket Create
Created Thu Apr 30 08:11:40 2020
Issue Severity Remote Type Description
CVE-2020-11945 Critical Yes Arbitrary code execution
An integer overflow has been found in Squid before 4.11 or 5.0.2. When memory pooling is used this problem allows a remote client to replay a sniffed Digest...
CVE-2019-12521 High Yes Content spoofing
A heap-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2., where a crafted ESI response sent from an upstream server can truncate...
CVE-2019-12519 High Yes Arbitrary code execution
A stack-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2., where a crafted ESI response sent from an upstream server can overwrite...
References
http://www.squid-cache.org/Advisories/SQUID-2019_12.txt
http://www.squid-cache.org/Advisories/SQUID-2020_4.txt