Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-12854
Due to incorrect string termination, Squid cachemgr.cgi 4.0 up to and including 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
Squid-cache Squid
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-1000027
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e...
Squid-cache Squid
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2016-10003
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Squid-cache Squid
5
CVSSv2
CVE-2016-10002
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 up to and including 3.1.23, 3.2.0.3 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 leads to client-specific Cookie data being leaked to other clients. Atta...
Debian Debian Linux 8.0
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.21
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.16
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.11
Squid-cache Squid 3.1.19
Squid-cache Squid 3.1.20
Squid-cache Squid 3.1.23
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.18
Squid-cache Squid 3.2.0.14
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.0.7
Squid-cache Squid 3.2.13
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.9
Squid-cache Squid 3.2.14
5
CVSSv2
CVE-2016-2570
The Edge Side Includes (ESI) parser in Squid 3.x prior to 3.5.15 and 4.x prior to 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/Cu...
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 3.4.8
Squid-cache Squid 3.4.4
Squid-cache Squid 3.4.1
Squid-cache Squid 3.4.0.3
Squid-cache Squid 3.3.5
Squid-cache Squid 3.3.4
Squid-cache Squid 3.3.0.3
Squid-cache Squid 3.3.0.2
Squid-cache Squid 3.2.4
Squid-cache Squid 3.2.3
Squid-cache Squid 3.2.0.9
Squid-cache Squid 3.2.0.8
Squid-cache Squid 3.2.0.18
Squid-cache Squid 3.2.0.17
Squid-cache Squid 3.2.0.10
Squid-cache Squid 3.2.0.1
Squid-cache Squid 3.1.4
Squid-cache Squid 3.1.3
Squid-cache Squid 3.1.1
Squid-cache Squid 3.1.0.9
5
CVSSv2
CVE-2016-2572
http.cc in Squid 4.x prior to 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
Squid-cache Squid 4.0.1
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 4.0.6
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
5
CVSSv2
CVE-2014-0128
Squid 3.1 prior to 3.3.12 and 3.4 prior to 3.4.4, when SSL-Bump is enabled, allows remote malicious users to cause a denial of service (assertion failure) via a crafted range request, related to state management.
Squid-cache Squid 3.1
Squid-cache Squid 3.1.0.15
Squid-cache Squid 3.1.0.16
Squid-cache Squid 3.1.0.17
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.8
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.8
Squid-cache Squid 3.1.9
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.0.16
Squid-cache Squid 3.2.0.5
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.3
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.1.0.10
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.1.0.2
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.1
5
CVSSv2
CVE-2013-4123
client_side_request.cc in Squid 3.2.x prior to 3.2.13 and 3.3.x prior to 3.3.8 allows remote malicious users to cause a denial of service via a crafted port number in a HTTP Host header.
Squid-cache Squid 3.3.7
Squid-cache Squid 3.3.0
Squid-cache Squid 3.3.0.2
Squid-cache Squid 3.3.0.3
Squid-cache Squid 3.3.1
Squid-cache Squid 3.3.3
Squid-cache Squid 3.3.5
Squid-cache Squid 3.3.6
Squid-cache Squid 3.3.2
Squid-cache Squid 3.3.4
Opensuse Opensuse 12.3
Squid-cache Squid 3.2.9
Squid-cache Squid 3.2.10
Squid-cache Squid 3.2.11
Squid-cache Squid 3.2.5
Squid-cache Squid 3.2.7
Squid-cache Squid 3.2.0.10
Squid-cache Squid 3.2.0.12
Squid-cache Squid 3.2.0.3
Squid-cache Squid 3.2.0.5
Squid-cache Squid 3.2.1
Squid-cache Squid 3.2.3
1 EDB exploit
5
CVSSv2
CVE-2013-0189
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote malicious users to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorre...
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.1.13
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.1.0.12
Squid-cache Squid 3.1.1
Squid-cache Squid 3.1.0.3
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.8
Squid-cache Squid 3.1.6
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.0.15
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.0.13
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.3
Squid-cache Squid 3.1.0.2
Squid-cache Squid 3.1.5
Squid-cache Squid 3.1.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »