Description
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
Remediation
References
Related Vulnerabilities
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577)
MySQL CVE-2024-21231 Vulnerability (CVE-2024-21231)
Oracle JRE CVE-2013-5782 Vulnerability (CVE-2013-5782)
WordPress Plugin Media Library Assistant Multiple Cross-Site Scripting Vulnerabilities (2.73)