CVE-2019-12527 - log back

CVE-2019-12527 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Due to incorrect buffer management Squid versions prior to 4.8 are vulnerable to a heap overflow and possible remote code execution attack when processing HTTP Authentication credentials.
References
+ http://www.squid-cache.org/Advisories/SQUID-2019_5.txt
+ http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch
Notes