VDB

GCVE-VVD-MAGEIA-2020-187

GCVE-VVD-MAGEIA-2020-187
Advisory Published
Vulnetix · Advisory published August 20, 2020
Updated squid packages fix security vulnerability: Due to an integer overflow bug Squid is vulnerable to credential replay and remote code execution attacks against HTTP Digest Authentication tokens. When memory pooling is used this problem allows a remote client to replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. When memory pooling is disabled this problem allows a remote client to perform remote code execution through the free'd nonce credentials (CVE-2020-11945).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiasquid0 (affected), 4.11-1.mga7 (unaffected), 0 (affected), 4.11-1.mga7 (unaffected)
Mageiaethtool0 (affected), 5.8-1.mga7 (unaffected)

References

Updated squid packages fix security vulnerability
advisory
Updated squid packages fix security vulnerability
issue
Updated squid packages fix security vulnerability
issue
Updated ethtool package fixes 5.8 Linux kernel support
advisory
Updated ethtool package fixes 5.8 Linux kernel support
issue
Updated ethtool package fixes 5.8 Linux kernel support
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›