Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid squid vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-0710
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote malicious users to use it as an intermediary to connect to other systems.
Redhat Linux 6.0
Redhat Linux 5.2
1 EDB exploit
7.5
CVSSv2
CVE-1999-1273
Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.
National Science Foundation Squid Web Proxy 1.1.20
7.1
CVSSv2
CVE-2020-24606
Squid prior to 4.13 and 5.x prior to 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exi...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
6.8
CVSSv2
CVE-2019-12527
An issue exists in Squid 4.0.23 up to and including 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buf...
Squid-cache Squid
Fedoraproject Fedora 29
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
6.8
CVSSv2
CVE-2015-5400
Squid prior to 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote malicious users to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
Fedoraproject Fedora 22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Squid-cache Squid
6.8
CVSSv2
CVE-2014-6270
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based ...
Squid-cache Squid 2.7.stable2
Squid-cache Squid 2.7.stable3
Squid-cache Squid 2.7.stable1
Squid-cache Squid 2.7.stable8
Squid-cache Squid 2.7.stable9
Squid-cache Squid 2.6.stable8
Squid-cache Squid 2.6.stable9
Squid-cache Squid 2.6.stable16
Squid-cache Squid 2.6.stable17
Squid-cache Squid 2.5.stable1
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable10
Squid-cache Squid 2.5.stable11
Squid-cache Squid 2.4.stable4
Squid-cache Squid 2.4.stable5
Squid-cache Squid 3.0
Squid-cache Squid 3.0.stable12
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable19
Squid-cache Squid 3.0.stable2
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.0.stable4
6.8
CVSSv2
CVE-2011-3205
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 prior to 3.0.STABLE26, 3.1 prior to 3.1.15, and 3.2 prior to 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly hav...
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.0.stable24
Squid-cache Squid 3.0.stable16
Squid-cache Squid 3.0.stable11
Squid-cache Squid 3.0.stable18
Squid-cache Squid 3.0.stable1
Squid-cache Squid 3.0.stable6
Squid-cache Squid 3.0.stable15
Squid-cache Squid 3.0.stable5
Squid-cache Squid 3.0.stable21
Squid-cache Squid 3.0.stable17
Squid-cache Squid 3.0.stable10
Squid-cache Squid 3.0.stable8
Squid-cache Squid 3.0.stable12
Squid-cache Squid 3.0.stable25
Squid-cache Squid 3.0.stable23
Squid-cache Squid 3.0.stable22
6.6
CVSSv2
CVE-2019-3688
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the sq...
Suse Suse Linux Enterprise Server 12
Suse Suse Linux Enterprise Server 15
6.5
CVSSv2
CVE-2020-15049
An issue exists in http/ContentLengthInterpreter.cc in Squid prior to 4.12 and 5.x prior to 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an un...
Squid-cache Squid 2.7
Squid-cache Squid
Fedoraproject Fedora 31
6.4
CVSSv2
CVE-2019-12523
An issue exists in Squid prior to 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restrict...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »