Description
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
Remediation
References
Related Vulnerabilities
OpenSSL Resource Management Errors Vulnerability (CVE-2016-6308)
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2006-20001)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-2160)
WordPress Plugin Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1)