Vulmon
squid squid vulnerabilities and exploits
5
CVSSv2
CVE-2012-2213
Squid 3.1.9 allows remote malicious users to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a ...
Squid-cache Squid 3.1.9
1 Github repository
5
CVSSv2
CVE-2010-2951
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response wit...
Squid-cache Squid 3.1.6
5
CVSSv2
CVE-2001-0843
Squid proxy server 2.4 and previous versions allows remote malicious users to cause a denial of service (crash) via a mkdir-only FTP PUT request.
Squid Squid Web Proxy
5
CVSSv2
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote malicious users to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Squid-cache Squid 2.7
4.3
CVSSv2
CVE-2008-1612
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows malicious users to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007...
Squid Squid 2.6.stable17
5
CVSSv2
CVE-2007-0248
The aclMatchExternal function in Squid prior to 2.6.STABLE7 allows remote malicious users to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.
Squid Squid 2.6.stable6
5
CVSSv2
CVE-2021-41611
An issue exists in Squid 5.0.6 up to and including 5.1.x prior to 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indicati...
Squid-cache Squid
Fedoraproject Fedora 35
4.3
CVSSv2
CVE-2002-2414
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote malicious users to cause a denial of service (crash).
Opera Software Opera 6.0.3
Squid Squid 2.4
4.3
CVSSv2
CVE-2019-13345
The cachemgr.cgi web module of Squid up to and including 4.7 has XSS via the user_name or auth parameter.
Squid-cache Squid
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2018-19132
Squid prior to 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
Squid-cache Squid
Debian Debian Linux 8.0