CVE-2020-8449

HIGH7.5EPSS 4.0%

Published: 2/4/2020Modified: 12/3/2025

Also known as:ALPINE-CVE-2020-8449

Description

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.

Affected packages (2)

Alpine/squidfrom 0, < 4.10-r0
Debian/squidfrom 0, < 4.10-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2020-8449
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2020-8449