CVE-2020-14058 vulnerability in Squid Cache and Other Products
Published on June 30, 2020

An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.

Vendor Advisory NVD

Products Associated with CVE-2020-14058

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-14058 are published in these products:

Squid Cache Squid

Fedora Project Fedora

NetApp Cloud Manager

Exploit Probability

EPSS

0.55%

Percentile

67.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-14058 vulnerability in Squid Cache and Other ProductsPublished on June 30, 2020

Products Associated with CVE-2020-14058

Exploit Probability

CVE-2020-14058 vulnerability in Squid Cache and Other Products
Published on June 30, 2020