{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-37894", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-10T19:54:41.361Z", "datePublished": "2024-06-25T19:39:02.376Z", "dateUpdated": "2024-08-02T03:57:39.982Z"}, "containers": {"cna": {"title": "Squid vulnerable to heap corruption in ESI assign", "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "lang": "en", "description": "CWE-787: Out-of-bounds Write", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg"}, {"name": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch", "tags": ["x_refsource_MISC"], "url": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch"}, {"url": "https://security.netapp.com/advisory/ntap-20240719-0001/"}], "affected": [{"vendor": "squid-cache", "product": "squid", "versions": [{"version": ">= 3.0, <= 3.5.28", "status": "affected"}, {"version": ">= 4.0, <= 4.16", "status": "affected"}, {"version": ">= 5.0, <= 5.9", "status": "affected"}, {"version": ">= 6.0, <= 6.9", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-25T19:39:02.376Z"}, "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack."}], "source": {"advisory": "GHSA-wgvf-q977-9xjg", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-26T14:07:04.077026Z", "id": "CVE-2024-37894", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T14:07:11.424Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:57:39.982Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg"}, {"name": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch"}, {"url": "https://security.netapp.com/advisory/ntap-20240719-0001/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37894", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-26T14:07:04.077026Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T14:07:08.052Z"}}], "cna": {"title": "Squid vulnerable to heap corruption in ESI assign", "source": {"advisory": "GHSA-wgvf-q977-9xjg", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "squid-cache", "product": "squid", "versions": [{"status": "affected", "version": ">= 3.0, <= 3.5.28"}, {"status": "affected", "version": ">= 4.0, <= 4.16"}, {"status": "affected", "version": ">= 5.0, <= 5.9"}, {"status": "affected", "version": ">= 6.0, <= 6.9"}]}], "references": [{"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg", "name": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch", "name": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch", "tags": ["x_refsource_MISC"]}, {"url": "https://security.netapp.com/advisory/ntap-20240719-0001/"}], "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-25T19:39:02.376Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37894", "state": "PUBLISHED", "dateUpdated": "2024-06-25T19:39:02.376Z", "dateReserved": "2024-06-10T19:54:41.361Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-25T19:39:02.376Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack."}, {"lang": "es", "value": "Squid es un proxy de almacenamiento en cach\u00e9 para la Web que admite HTTP, HTTPS, FTP y m\u00e1s. Debido a un error de escritura fuera de los l\u00edmites al asignar variables ESI, Squid es susceptible a un error de corrupci\u00f3n de memoria. Este error puede provocar un ataque de denegaci\u00f3n de servicio."}], "id": "CVE-2024-37894", "lastModified": "2024-07-19T14:15:05.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-06-25T20:15:11.873", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch"}, {"source": "security-advisories@github.com", "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg"}, {"source": "security-advisories@github.com", "url": "https://security.netapp.com/advisory/ntap-20240719-0001/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4861", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "squid-7:5.5-13.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:5906", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "squid-7:5.5-5.el9_2.7", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-08-27T00:00:00Z"}], "bugzilla": {"description": "squid: Out-of-bounds write error may lead to Denial of Service", "id": "2294353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294353"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack.", "A flaw was found in Squid. An out-of-bounds write can be triggered when an Edge Side Includes (ESI) variable is assigned to a value not in the standard ASCII range, for example, multi-byte characters. This flaw allows a trusted server to crash Squid while processing an ESI response content, resulting in a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-37894", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "squid34", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "squid:4/squid", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2024-06-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-37894\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-37894\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg\nhttps://megamansec.github.io/Squid-Security-Audit/esi-underflow.html"], "statement": "Squid as shipped in Red Hat Enterprise Linux 8 and 9 is vulnerable to this vulnerability as the ESI support is enabled by default.\nThis flaw requires Squid to be in a reverse proxy configuration and using an ESI variable with non ASCII characters, allowing a trusted server to cause a denial of service. For these reasons, this flaw was rated with a Moderate severity.", "threat_severity": "Moderate"}