Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-12529
An issue exists in Squid 2.x up to and including 2.7.STABLE9, 3.x up to and including 3.5.28, and 4.x up to and including 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be d...
Squid-cache Squid 2.7
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
4.3
CVSSv2
CVE-2019-13345
The cachemgr.cgi web module of Squid up to and including 4.7 has XSS via the user_name or auth parameter.
Squid-cache Squid
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2018-19132
Squid prior to 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
Squid-cache Squid
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2018-19131
Squid prior to 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
Squid-cache Squid
1 Github repository
4.3
CVSSv2
CVE-2018-1172
This vulnerability allows remote malicious users to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCh...
Squid-cache Squid 3.5.27
5
CVSSv2
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-1000027
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e...
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2016-10002
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 up to and including 3.1.23, 3.2.0.3 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 leads to client-specific Cookie data being leaked to other clients. Atta...
Debian Debian Linux 8.0
Squid-cache Squid 3.1.21
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.18
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.23
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.11
Squid-cache Squid 3.1.20
Squid-cache Squid 3.1.19
Squid-cache Squid 3.1.16
Squid-cache Squid 3.2.0.18
Squid-cache Squid 3.2.0.9
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.4
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.10
Squid-cache Squid 3.2.13
5
CVSSv2
CVE-2016-10003
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Squid-cache Squid
4.3
CVSSv2
CVE-2016-2390
The FwdState::connectedToPeer method in FwdState.cc in Squid prior to 3.5.14 and 4.0.x prior to 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote malicious users to cause a denial of service (application crash) via ...
Squid-cache Squid
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »