VDB

GCVE-110-MAGEIA-2020-106

GCVE-110-MAGEIA-2020-106
Advisory Published
Vulnetix · Advisory published February 26, 2020
Updated squid packages fix security vulnerabilities: Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory (CVE-2019-12528). Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access server resources prohibited by earlier security filters (CVE-2020-8449). Guido Vranken discovered that Squid incorrectly handled certain buffer operations when acting as a reverse proxy. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-8450). Aaron Costello discovered that Squid incorrectly handled certain NTLM authentication credentials. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service (CVE-2020-8517).

Affected Products

VendorProductVersionsPlatforms
Mageiakernel-firmware-nonfree0 (affected), 20200316-1.mga7.nonfree (unaffected)
Mageiaradeon-firmware0 (affected), 20200416-1.mga7.nonfree (unaffected)
Mageiasquid0 (affected), 4.10-1.mga7 (unaffected), 0 (affected), 4.10-1.mga7 (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›