Description

An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.

Remediation

References

CVE-2020-15049

Related Vulnerabilities

IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156)

Envoy Proxy Use After Free Vulnerability (CVE-2023-35942)

MySQL CVE-2021-2055 Vulnerability (CVE-2021-2055)

OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)

WordPress 3.7.1 Multiple Vulnerabilities (3.7 - 3.7.1)

Severity

High

Classification

CVE-2020-15049 CWE-444 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities