Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid 3.4.8 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv3
CVE-2018-1000027
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e...
Squid-cache Squid
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv3
CVE-2016-10002
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 up to and including 3.1.23, 3.2.0.3 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 leads to client-specific Cookie data being leaked to other clients. Atta...
Debian Debian Linux 8.0
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.21
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.16
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.11
Squid-cache Squid 3.1.19
Squid-cache Squid 3.1.20
Squid-cache Squid 3.1.23
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.18
Squid-cache Squid 3.2.0.14
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.0.7
Squid-cache Squid 3.2.13
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.9
Squid-cache Squid 3.2.14
7.5
CVSSv3
CVE-2016-2570
The Edge Side Includes (ESI) parser in Squid 3.x prior to 3.5.15 and 4.x prior to 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/Cu...
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 3.4.8
Squid-cache Squid 3.4.4
Squid-cache Squid 3.4.1
Squid-cache Squid 3.4.0.3
Squid-cache Squid 3.3.5
Squid-cache Squid 3.3.4
Squid-cache Squid 3.3.0.3
Squid-cache Squid 3.3.0.2
Squid-cache Squid 3.2.4
Squid-cache Squid 3.2.3
Squid-cache Squid 3.2.0.9
Squid-cache Squid 3.2.0.8
Squid-cache Squid 3.2.0.18
Squid-cache Squid 3.2.0.17
Squid-cache Squid 3.2.0.10
Squid-cache Squid 3.2.0.1
Squid-cache Squid 3.1.4
Squid-cache Squid 3.1.3
Squid-cache Squid 3.1.1
Squid-cache Squid 3.1.0.9
NA
CVE-2014-9749
Squid 3.4.4 up to and including 3.4.11 and 3.5.0.1 up to and including 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
Squid-cache Squid 3.4.10
Squid-cache Squid 3.4.12
Squid-cache Squid 3.4.5
Squid-cache Squid 3.4.6
Squid-cache Squid 3.4.7
Squid-cache Squid 3.4.8
Squid-cache Squid 3.5.0.1
Squid-cache Squid 3.5.0.2
Squid-cache Squid 3.5.0.3
Squid-cache Squid 3.5.0.4
Squid-cache Squid 3.4.4
Squid-cache Squid 3.4.9
Squid-cache Squid 3.4.11
Squid-cache Squid 3.4.13
Squid-cache Squid 3.5.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2015-5400
Squid prior to 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote malicious users to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
Fedoraproject Fedora 22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Squid-cache Squid
NA
CVE-2014-7142
The pinger in Squid 3.x prior to 3.4.8 allows remote malicious users to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
Oracle Solaris 11.2
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Squid-cache Squid 3.4.5
Squid-cache Squid 3.4.4
Squid-cache Squid 3.1.1
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.18
Squid-cache Squid 3.1.19
Squid-cache Squid 3.1.5
Squid-cache Squid 3.1.5.1
Squid-cache Squid 3.2.0.11
Squid-cache Squid 3.2.0.12
Squid-cache Squid 3.2.0.2
Squid-cache Squid 3.2.0.3
Squid-cache Squid 3.2.1
Squid-cache Squid 3.2.10
Squid-cache Squid 3.2.6
Squid-cache Squid 3.2.7
Squid-cache Squid 3.3.10
Squid-cache Squid 3.3.11
NA
CVE-2014-7141
The pinger in Squid 3.x prior to 3.4.8 allows remote malicious users to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.
Squid-cache Squid 3.4.1
Squid-cache Squid 3.4.0.3
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.21
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.8
Squid-cache Squid 3.1.9
Squid-cache Squid 3.2.0.1
Squid-cache Squid 3.2.0.16
Squid-cache Squid 3.2.0.17
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.0.7
Squid-cache Squid 3.2.3
Squid-cache Squid 3.2.4
Squid-cache Squid 3.3.0.1
Squid-cache Squid 3.3.0.2
Squid-cache Squid 3.3.3
Squid-cache Squid 3.3.4
Squid-cache Squid 3.4.7
Squid-cache Squid 3.4.6
Squid-cache Squid 3.4.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started