Summary
Some versions of Squid, when configured to use Digest authentication, exhibit vulnerabilities while parsing certain tokens like domain, URI, and qop. Such vulnerabilities can lead to denial of service and cross-site scripting attacks, and potentially the execution of arbitrary code
Products Potentially Affected
| OS/Product |
Exposure |
| IQ Engine (HiveOS) |
Investigating |
|
Repair Recommendations
None
Please see the full security advisory article here for more details and updates.
