An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust improperly. This indication of trust may be passed along to clients, allowing access to unsafe or hijacked services.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2021/12/23/2 | Mailing List Third Party Advisory |
http://www.squid-cache.org/Versions/v6/changesets/squid-6-43d6b5c81b88ec2256b430c69a872a1e4f324e4a.patch | Vendor Advisory |
https://github.com/squid-cache/squid/security/advisories/GHSA-47m4-g3mv-9q5r | Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CWQ2WKDWTSO47S3F6XJJ6HGG2ULWEAE4/ |
History
07 Nov 2023, 03:38
Type | Values Removed | Values Added |
---|---|---|
References | | |
31 Mar 2022, 16:26
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/12/23/2 - Mailing List, Third Party Advisory |
23 Dec 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
28 Nov 2021, 23:28
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWQ2WKDWTSO47S3F6XJJ6HGG2ULWEAE4/ - Mailing List, Third Party Advisory |
17 Nov 2021, 22:19
Type | Values Removed | Values Added |
---|---|---|
References | | |
10 Nov 2021, 01:19
Type | Values Removed | Values Added |
---|---|---|
References | | |
30 Oct 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
21 Oct 2021, 22:44
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:* | |
References | (MISC) http://www.squid-cache.org/Versions/v6/changesets/squid-6-43d6b5c81b88ec2256b430c69a872a1e4f324e4a.patch - Vendor Advisory | |
References | (CONFIRM) https://github.com/squid-cache/squid/security/advisories/GHSA-47m4-g3mv-9q5r - Patch, Third Party Advisory | |
CVSS | v2 : v3 : | v2 : 5.0 v3 : 7.5 |
CWE | CWE-295 |
18 Oct 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-18 09:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-41611
Mitre link : CVE-2021-41611
CVE.ORG link : CVE-2021-41611
Products Affected
squid-cache
- squid
fedoraproject
- fedora
CWE
CWE-295
Improper Certificate Validation