Description
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.
Remediation
References
Related Vulnerabilities
Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)
WordPress Plugin Package Quantity Discount Security Bypass (1.1.2)