CVE-2019-12521

Source
Severity High
Remote Yes
Type Content spoofing
Description
A heap-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2, where a crafted ESI response sent from an upstream server can truncate portions of generated payloads, poisoning the HTTP response cache with corrupted objects. On systems with heap overflow protection, the overflow will shut down the proxy, causing a denial of service for all clients accessing the Squid service.
Group    | Package | Affected | Fixed  | Severity | Status | Ticket
AVG-1146 | squid   | 4.10-2   | 4.12-1 | Critical | Fixed  |
References
http://www.squid-cache.org/Advisories/SQUID-2019_12.txt
http://www.squid-cache.org/Versions/v4/changesets/squid-4-fdd4123629320aa1ee4c3481bb392437c90d188d.patch