Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

squid-cache squid 3.5.27 vulnerabilities and exploits

(subscribe to this query)
5.9
CVSSv3
CVE-2018-1172
This vulnerability allows remote malicious users to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCh...
Squid-cache Squid 3.5.27
7.5
CVSSv3
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7Squid-cache SquidCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 19.04Canonical Ubuntu Linux 19.10Debian Debian Linux 8.0Fedoraproject Fedora 30Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache SquidDebian Debian Linux 9.0Debian Debian Linux 8.0Debian Debian Linux 7.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 17.10
7.3
CVSSv3
CVE-2020-8450
An issue exists in Squid prior to 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
Squid-cache SquidCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 19.10Opensuse Leap 15.1Fedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 9.0Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2019-12528
An issue exists in Squid prior to 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
Squid-cache SquidFedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 9.0Debian Debian Linux 10.0Opensuse Leap 15.1Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 19.10Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook