Description
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
Remediation
References
Related Vulnerabilities
WebERP Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-20420)
WordPress Plugin Securimage-WP-Fixed Cross-Site Scripting (3.5.4)
Jenkins Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-1999043)
ZenCart Improper Input Validation Vulnerability (CVE-2009-4321)