CVE-2021-41611

Name
CVE-2021-41611
Description
An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust improperly. This indication of trust may be passed along to clients, allowing access to unsafe or hijacked services.
NVD Severity
medium

References

| Type | URI |
|---|---|
| MISC | http://www.squid-cache.org/Versions/v6/changesets/squid-6-43d6b5c81b88ec2256b430c69a872a1e4f324e4a.patch |
| CONFIRM | https://github.com/squid-cache/squid/security/advisories/GHSA-47m4-g3mv-9q5r |
| FEDORA | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWQ2WKDWTSO47S3F6XJJ6HGG2ULWEAE4/ |
| MLIST | http://www.openwall.com/lists/oss-security/2021/12/23/2 |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| cpe:2.3:a:squid-cache:squid:\*:\*:\*:\*:\*:\*:\*:\* | squid | >= 5.0.6 | < 5.2 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| squid | 3.14-main | 5.0.6-r2 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| squid | 3.13-main | 5.0.6-r2 | Natanael Copa <ncopa@alpinelinux.org> | fixed |