VDB
ALPINE-CVE-2020-8449
ALPINE-CVE-2020-8449
PUBLISHED
CVSS 7.5 HIGH
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.14 | squid | 3.4.12-r0, 3.4.5-r0, 3.4.6-r0 |
| Alpine:v3.8 | squid | 3.5.8-r0, 3.5.7-r0, 3.5.6-r1 |
| Alpine:v3.15 | squid | 3.5.27-r0, 3.2.0.12-r3, 3.2.0.12-r2 |
| Alpine:v3.23 | squid | 4.9-r0, 4.8-r1, 4.8-r0 |
| Alpine:v3.13 | squid | 3.2.0.12-r3, 3.2.0.13-r0, 3.2.0.16-r0 |
| Alpine:v3.21 | squid | 4.8-r1, 4.8-r0, 4.6-r1 |
| Alpine:v3.22 | squid | 3.2.0.12-r3, 3.2.0.12-r4, 3.2.0.13-r0 |
| Alpine:v3.18 | squid | 3.2.0.12-r4, 3.2.0.13-r0, 3.2.0.16-r0 |
| Alpine:v3.16 | squid | 0, 2.7.6-r0, 2.7.6-r1 |
| Alpine:v3.10 | squid | 2.7.6-r8, 2.7.7-r2, 2.7.9-r2 |
| Alpine:v3.9 | squid | 3.5.23-r1, 4.8-r1, 4.8-r0 |
| Alpine:v3.17 | squid | 3.5.20-r1, 3.2.0.19-r0, 4.9-r0 |
| Alpine:v3.20 | squid | 3.2.0.13-r0, 4.9-r0, 4.8-r1 |
| Alpine:v3.11 | squid | 3.2.0.12-r1, 2.7.9-r4, 2.7.9-r2 |
| Alpine:v3.12 | squid | 4.8-r1, 4.9-r0, 4.8-r1 |
| Alpine:v3.19 | squid | 4.9-r0, 4.8-r1, 4.8-r0 |
Timeline
- Feb 4, 2020 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch