CVE-2020-25097 vulnerability in Squid Cache and Other Products
Published on March 19, 2021

An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2020-25097

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-25097 are published in these products:

Squid Cache Squid

Debian Linux

Fedora Project Fedora

NetApp Cloud Manager

Exploit Probability

EPSS

0.58%

Percentile

68.60%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-25097 vulnerability in Squid Cache and Other ProductsPublished on March 19, 2021

Products Associated with CVE-2020-25097

Exploit Probability

CVE-2020-25097 vulnerability in Squid Cache and Other Products
Published on March 19, 2021