Vulnerability Details CVE-2020-14059
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.squid-cache.org/Advisories/SQUID-2020_5.txt
- http://www.squid-cache.org/Versions/v5/changesets/squid-5-7a5af8db8e0377c06ed9ffbdcb1334389c7cd8ab.patch
- https://security.netapp.com/advisory/ntap-20210312-0001/
- http://www.squid-cache.org/Advisories/SQUID-2020_5.txt
- http://www.squid-cache.org/Versions/v5/changesets/squid-5-7a5af8db8e0377c06ed9ffbdcb1334389c7cd8ab.patch
- https://security.netapp.com/advisory/ntap-20210312-0001/
Products affected by CVE-2020-14059
-
cpe:2.3:a:squid-cache:squid:5.0
-
cpe:2.3:a:squid-cache:squid:5.0.1
-
cpe:2.3:a:squid-cache:squid:5.0.2