Vulmon
squid squid vulnerabilities and exploits
7.5
CVSSv2
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2020-8450
An issue exists in Squid prior to 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2016-1000027
Pivotal Spring Framework up to and including 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication may be ...
Vmware Spring Framework
12 Github repositories
7.5
CVSSv2
CVE-2019-12526
An issue exists in Squid prior to 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to a URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker contr...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2019-12525
An issue exists in Squid 3.3.9 up to and including 3.5.28 and 4.x up to and including 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token'...
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
7.5
CVSSv2
CVE-2016-3947
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid prior to 3.5.16 and 4.x prior to 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log ...
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 4.0.1
Squid-cache Squid 4.0.6
Squid-cache Squid 4.0.7
Squid-cache Squid
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
7.5
CVSSv2
CVE-2005-1711
Gibraltar Firewall 2.2 and previous versions, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
Clam Anti-virus Clamav 0.90.2
Squid Squid 2.6.stable1
Gibraltar Gibraltar Firewall 2.2
7.5
CVSSv2
CVE-2005-0173
squid_ldap_auth in Squid 2.5 and previous versions allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
Squid Squid 2.1.patch2
Squid Squid 2.1.pre1
Squid Squid 2.2.pre2
Squid Squid 2.2.stable1
Squid Squid 2.3.stable2
Squid Squid 2.3.stable3
Squid Squid 2.4.stable6
Squid Squid 2.4.stable7
Squid Squid 2.0.patch2
Squid Squid 2.0.pre1
Squid Squid 2.1.release
Squid Squid 2.2.devel3
Squid Squid 2.2.stable4
Squid Squid 2.2.stable5
Squid Squid 2.4.stable1
Squid Squid 2.4.stable2
Squid Squid 2.5.stable3
Squid Squid 2.5.stable4
Squid Squid 2.0.release
Squid Squid 2.1.patch1
Squid Squid 2.2.devel4
Squid Squid 2.2.pre1
7.5
CVSSv2
CVE-2005-1345
Squid 2.5.STABLE9 and previous versions do not trigger a fatal error when they identify missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
Squid Squid 2.5.stable6
Squid Squid 2.5.stable7
Squid Squid 2.5.stable1
Squid Squid 2.5.stable2
Squid Squid 2.5.stable3
Squid Squid 2.5.stable4
Squid Squid 2.5.stable5
Squid Squid 2.5.stable8
Squid Squid 2.5.stable9
7.5
CVSSv2
CVE-2005-0211
Buffer overflow in wccp.c in Squid 2.5 prior to 2.5.STABLE7 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
Squid-cache Squid 2.5.stable1
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable4
Debian Debian Linux 3.0