FTP Server Triggered Heap Memory Disclosure in Squid

FTP Server Triggered Heap Memory Disclosure in Squid

CVE-2019-12528 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.

Learn more about our Cis Benchmark Audit For Server Software.