Description
http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
Remediation
References
Related Vulnerabilities
Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951)
XWiki CVE-2023-26473 Vulnerability (CVE-2023-26473)
XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648)
WordPress Plugin moreAds SE Open Redirect (1.4.8)
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2026-44494)