CVE-2019-12527 log

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
Due to incorrect buffer management Squid versions prior to 4.8 are vulnerable to a heap overflow and possible remote code execution attack when processing HTTP Authentication credentials.
Group Package Affected Fixed Severity Status Ticket
AVG-1004 squid 4.7-2 4.8-1 Critical Fixed
Date Advisory Group Package Severity Description
17 Jul 2019 ASA-201907-5 AVG-1004 squid Critical arbitrary code execution
References
http://www.squid-cache.org/Advisories/SQUID-2019_5.txt
http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch