Description
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.
Remediation
References
Related Vulnerabilities
Craft CMS Other Vulnerability (CVE-2025-35939)
Next.js CVE-2021-43803 Vulnerability (CVE-2021-43803)
WordPress Plugin Sticky Related Posts Cross-Site Scripting (1.0)
WordPress Plugin WPFront User Role Editor Multiple Cross-Site Scripting Vulnerabilities (2.13)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-15882)