Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2213
Squid 3.1.9 allows remote malicious users to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a ...
Squid-cache Squid 3.1.9
1 Github repository
NA
CVE-2008-1612
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows malicious users to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007...
Squid Squid 2.6.stable17
NA
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote malicious users to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Squid-cache Squid 2.7
NA
CVE-2007-0248
The aclMatchExternal function in Squid prior to 2.6.STABLE7 allows remote malicious users to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.
Squid Squid 2.6.stable6
NA
CVE-2010-2951
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response wit...
Squid-cache Squid 3.1.6
5.9
CVSSv3
CVE-2018-1172
This vulnerability allows remote malicious users to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCh...
Squid-cache Squid 3.5.27
7.5
CVSSv3
CVE-2021-41611
An issue exists in Squid 5.0.6 up to and including 5.1.x prior to 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indicati...
Squid-cache Squid
Fedoraproject Fedora 35
5.9
CVSSv3
CVE-2018-19132
Squid prior to 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
Squid-cache Squid
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2019-13345
The cachemgr.cgi web module of Squid up to and including 4.7 has XSS via the user_name or auth parameter.
Squid-cache Squid
Debian Debian Linux 8.0
NA
CVE-2002-2414
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote malicious users to cause a denial of service (crash).
Opera Software Opera 6.0.3
Squid Squid 2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »