Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid squid vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-12528
An issue exists in Squid prior to 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
Squid-cache Squid
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
5
CVSSv2
CVE-2020-8449
An issue exists in Squid prior to 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2020-8517
An issue exists in Squid prior to 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being ter...
Squid-cache Squid
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
5
CVSSv2
CVE-2019-18676
An issue exists in Squid 3.x and 4.x up to and including 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security ...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2019-18678
An issue exists in Squid 3.x and 4.x up to and including 4.8. It allows malicious users to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and S...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-12854
Due to incorrect string termination, Squid cachemgr.cgi 4.0 up to and including 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
Squid-cache Squid
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-1000027
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e...
Squid-cache Squid
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2016-10002
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 up to and including 3.1.23, 3.2.0.3 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 leads to client-specific Cookie data being leaked to other clients. Atta...
Debian Debian Linux 8.0
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.21
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.16
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.11
Squid-cache Squid 3.1.19
Squid-cache Squid 3.1.20
Squid-cache Squid 3.1.23
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.18
Squid-cache Squid 3.2.0.14
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.0.7
Squid-cache Squid 3.2.13
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.9
Squid-cache Squid 3.2.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »