CVE-2020-11945 log

Severity Critical
Remote Yes
Type Arbitrary code execution
An integer overflow has been found in Squid before 4.11 or 5.0.2. When memory pooling is used this problem allows a remote client to replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. When memory pooling is disabled this problem allows a remote client to perform remote code execution through the free'd nonce credentials.
Group Package Affected Fixed Severity Status Ticket
AVG-1146 squid 4.10-2 4.12-1 Critical Fixed