cvedb.io
CVE-2021-41611
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-10-18T09:15:08.823 · Last modified 2026-06-17T04:08:43.330

Summary

An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indication of trust may be passed along to clients, allowing access to unsafe or hijacked services.

Affected products

squid-cache — squid

Does this affect you?

Add your gear to cvedb and we'll alert you only when squid-cache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.