Your submission was sent successfully! Close


Published: 18 October 2021

An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indication of trust may be passed along to clients, allowing access to unsafe or hijacked services.



CVSS 3 base score: 7.5


Package Release Status
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Not vulnerable

hirsute Not vulnerable

impish Not vulnerable

jammy Not vulnerable

trusty Does not exist

Released (5.2)
xenial Does not exist

Launchpad, Ubuntu, Debian
bionic Not vulnerable

focal Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Not vulnerable