Your submission was sent successfully! Close

CVE-2015-0881

Published: 20 February 2015

CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.

Priority

Medium

Status

Package Release Status
squid
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

squid3
Launchpad, Ubuntu, Debian
Upstream
Released (3.1.10)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)