Description
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7834)
Phusion Passenger Other Vulnerability (CVE-2014-1831)
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
MySQL CVE-2016-9840 Vulnerability (CVE-2016-9840)
Payara Files or Directories Accessible to External Parties Vulnerability (CVE-2022-45129)