Description
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.
Remediation
References
Related Vulnerabilities
Magento CVE-2019-8230 Vulnerability (CVE-2019-8230)
Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)
IBM WebSEAL Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-4707)
WordPress Plugin yolink Search for WordPress Cross-Site Scripting (2.5)
WordPress Plugin FormCraft-Premium WordPress Form Builder Cross-Site Scripting (3.2.31)