squid web proxy cache vulnerabilities and exploits
4.3
CVSSv2
CVE-2019-12529
An issue exists in Squid 2.x up to and including 2.7.STABLE9, 3.x up to and including 3.5.28, and 4.x up to and including 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be d...
Squid-cache Squid 2.7
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
4.3
CVSSv2
CVE-2021-28116
Squid up to and including 4.14 and 5.x up to and including 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
5
CVSSv2
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy versions 3.0 to 3.5.27 and 4.0 to 4.0.22 contains an Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy. This attack appears to be exploitable v...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-1000027
The Squid Software Foundation Squid HTTP Caching Proxy prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appears to be e...
Squid-cache Squid
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2005-0175
Squid 2.5 up to 2.5.STABLE7 allows remote malicious users to poison the cache via an HTTP response splitting attack.
Squid Squid 2.5.6
Squid Squid 2.5.stable7
Squid Squid 2.5 .stable1
Squid Squid 2.5.stable3
Squid Squid 2.5.stable4
Squid Squid 2.5 .stable6
Squid Squid 2.5 Stable3
Squid Squid 2.5.stable5
Squid Squid 2.5.stable6
Squid Squid 2.5 Stable4
Squid Squid 2.5 Stable9
Squid Squid 2.5.stable1
Squid Squid 2.5.stable2
Squid Squid 2.5 .stable3
Squid Squid 2.5 .stable4
Squid Squid 2.5 .stable5
5
CVSSv2
CVE-2019-18678
An issue exists in Squid 3.x and 4.x up to and including 4.8. It allows malicious users to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and S...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
4.3
CVSSv2
CVE-2019-18860
Squid prior to 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
5
CVSSv2
CVE-2004-0918
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache prior to 2.4.STABLE7 allows remote malicious users to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
Openpkg Openpkg 2.1
Openpkg Openpkg 2.2
Squid Squid 2.4 .stable2
Squid Squid 2.4 .stable6
Squid Squid 3.0 Pre2
Squid Squid 3.0 Pre3
Openpkg Openpkg Current
Squid Squid 2.0 Patch2
Squid Squid 2.4 .stable7
Squid Squid 2.5 .stable1
Squid Squid 2.5 .stable3
Squid Squid 2.3 .stable5
Squid Squid 2.4
Squid Squid 2.5 .stable6
Squid Squid 3.0 Pre1
Squid Squid 2.1 Patch2
Squid Squid 2.3 .stable4
Squid Squid 2.5 .stable4
Squid Squid 2.5 .stable5
Ubuntu Ubuntu Linux 4.1
Gentoo Linux
Trustix Secure Linux 2.0
7.5
CVSSv2
CVE-2005-0173
squid_ldap_auth in Squid 2.5 and previous versions allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
Squid Squid 2.1.patch2
Squid Squid 2.1.pre1
Squid Squid 2.2.pre2
Squid Squid 2.2.stable1
Squid Squid 2.3.stable2
Squid Squid 2.3.stable3
Squid Squid 2.4.stable6
Squid Squid 2.4.stable7
Squid Squid 2.0.patch2
Squid Squid 2.0.pre1
Squid Squid 2.1.release
Squid Squid 2.2.devel3
Squid Squid 2.2.stable4
Squid Squid 2.2.stable5
Squid Squid 2.4.stable1
Squid Squid 2.4.stable2
Squid Squid 2.5.stable3
Squid Squid 2.5.stable4
Squid Squid 2.0.release
Squid Squid 2.1.patch1
Squid Squid 2.2.devel4
Squid Squid 2.2.pre1