Description
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length does not exceed the size of that buffer, leading to a heap-based buffer overflow with user-controlled data.
Remediation
References