Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-1172
This vulnerability allows remote malicious users to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCh...
Squid-cache Squid 3.5.27
NA
CVE-2010-2951
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response wit...
Squid-cache Squid 3.1.6
7.5
CVSSv3
CVE-2021-41611
An issue exists in Squid 5.0.6 up to and including 5.1.x prior to 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indicati...
Squid-cache Squid
Fedoraproject Fedora 35
5.9
CVSSv3
CVE-2018-19132
Squid prior to 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
Squid-cache Squid
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2019-13345
The cachemgr.cgi web module of Squid up to and including 4.7 has XSS via the user_name or auth parameter.
Squid-cache Squid
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2020-14058
An issue exists in Squid prior to 4.12 and 5.x prior to 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This ...
Squid-cache Squid
Fedoraproject Fedora 31
Netapp Cloud Manager -
6.1
CVSSv3
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2021-28662
An issue exists in Squid 4.x prior to 4.15 and 5.x prior to 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.
Squid-cache Squid
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.5
CVSSv3
CVE-2021-33620
Squid prior to 4.15 and 5.x prior to 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »