View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2013-7401 not yet assigned priority: Debian including 1 source packages (c-icap), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.