Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid 2.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50269
Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 up to and including 2.7.STABLE9, versions 3.1 up to and including 5.9, and versions 6.0.1 up to and including 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request...
Squid-cache Squid 2.6
Squid-cache Squid 2.7
Squid-cache Squid
6.8
CVSSv2
CVE-2014-6270
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based ...
Squid-cache Squid 2.7.stable2
Squid-cache Squid 2.7.stable3
Squid-cache Squid 2.7.stable1
Squid-cache Squid 2.7.stable8
Squid-cache Squid 2.7.stable9
Squid-cache Squid 2.6.stable8
Squid-cache Squid 2.6.stable9
Squid-cache Squid 2.6.stable16
Squid-cache Squid 2.6.stable17
Squid-cache Squid 2.5.stable1
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable10
Squid-cache Squid 2.5.stable11
Squid-cache Squid 2.4.stable4
Squid-cache Squid 2.4.stable5
Squid-cache Squid 3.0
Squid-cache Squid 3.0.stable12
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable19
Squid-cache Squid 3.0.stable2
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.0.stable4
6.5
CVSSv2
CVE-2020-15049
An issue exists in http/ContentLengthInterpreter.cc in Squid prior to 4.12 and 5.x prior to 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an un...
Squid-cache Squid 2.7
Squid-cache Squid
Fedoraproject Fedora 31
4
CVSSv2
CVE-2021-31807
An issue exists in Squid prior to 4.15 and 5.x prior to 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any...
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.6
Squid-cache Squid 2.5.stable9
Squid-cache Squid 2.7
Squid-cache Squid 2.5.stable4
Squid-cache Squid 2.5.stable7
Squid-cache Squid 2.5.stable14
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable12
Squid-cache Squid 2.5.stable13
Squid-cache Squid 2.5.stable11
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable8
Squid-cache Squid 2.5.stable10
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Manager -
5
CVSSv2
CVE-2010-0639
The htcpHandleTstRequest function in htcp.c in Squid 2.x prior to 2.6.STABLE24 and 2.7 prior to 2.7.STABLE8, and htcp.cc in 3.0 prior to 3.0.STABLE24, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the...
Squid-cache Squid 2.6
Squid-cache Squid 2.7
Squid-cache Squid 2.1
Squid-cache Squid 3.0.stable2
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable21
Squid-cache Squid 3.0.stable22
Squid-cache Squid 3.0.stable11
Squid-cache Squid 3.0.stable12
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable15
Squid-cache Squid 3.0.stable7
Squid-cache Squid 3.0.stable8
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.0.stable23
Squid-cache Squid 2.0
Squid-cache Squid 2.5
Squid-cache Squid 2.2
Squid-cache Squid 3.0
Squid-cache Squid 3.0.stable16
Squid-cache Squid 3.0.stable18
5
CVSSv2
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote malicious users to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Squid-cache Squid 2.7
4
CVSSv2
CVE-2010-0308
lib/rfc1035.c in Squid 2.x, 3.0 up to and including 3.0.STABLE22, and 3.1 up to and including 3.1.0.15 allows remote malicious users to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
Squid-cache Squid 3.0
Squid-cache Squid 2.6
Squid-cache Squid 2.7
Squid-cache Squid 3.1.0.6
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.11
Squid-cache Squid 3.0.stable22
Squid-cache Squid 3.0.stable15
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable6
Squid-cache Squid 3.0.stable5
Squid-cache Squid 2.1
Squid-cache Squid 2.0
Squid-cache Squid 3.1
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.1.0.8
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.0.10
Squid-cache Squid 3.0.stable21
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable12
5
CVSSv2
CVE-2012-5643
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x prior to 3.1.22, 3.2.x prior to 3.2.4, and 3.3.x prior to 3.3.0.2 allow remote malicious users to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST r...
Squid-cache Squid 2.6
Squid-cache Squid 2.0
Squid-cache Squid 2.7
Squid-cache Squid 2.2
Squid-cache Squid 2.3
Squid-cache Squid 2.5
Squid-cache Squid 2.1
Squid-cache Squid 2.4
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.1.21
Squid-cache Squid 3.0
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.1.13
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.1.0.12
5.8
CVSSv2
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »