Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-1999-1481
Squid 2.2.STABLE5 and below, when using external authentication, allows malicious users to bypass access controls via a newline in the user/password pair.
National Science Foundation Squid Web Proxy 1.0
National Science Foundation Squid Web Proxy 1.1
National Science Foundation Squid Web Proxy 2.1
National Science Foundation Squid Web Proxy 2.2
National Science Foundation Squid Web Proxy 1.0novm
1 EDB exploit
445
VMScore
CVE-2005-3322
Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote malicious users to cause a denial of service (crash) via HTTPs (SSL).
Squid Squid 2.6.stable1
Suse Suse Linux 9.0
445
VMScore
CVE-2020-14058
An issue exists in Squid prior to 4.12 and 5.x prior to 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This ...
Squid-cache Squid
Fedoraproject Fedora 31
Netapp Cloud Manager -
516
VMScore
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2004-2479
Squid Web Proxy Cache 2.5 might allow remote malicious users to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
National Science Foundation Squid Web Proxy Cache 2.5 Stable7
National Science Foundation Squid Web Proxy Cache 2.5 Stable3
National Science Foundation Squid Web Proxy Cache 2.5 Stable6
National Science Foundation Squid Web Proxy Cache 2.5 Stable1
National Science Foundation Squid Web Proxy Cache 2.5 Stable4
National Science Foundation Squid Web Proxy Cache 2.5 Stable2
National Science Foundation Squid Web Proxy Cache 2.5 Stable5
445
VMScore
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
356
VMScore
CVE-2021-33620
Squid prior to 4.15 and 5.x prior to 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
668
VMScore
CVE-2005-1711
Gibraltar Firewall 2.2 and previous versions, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
Gibraltar Gibraltar Firewall 2.2
Clam Anti-virus Clamav 0.90.2
Squid Squid 2.6.stable1
383
VMScore
CVE-2021-28662
An issue exists in Squid 4.x prior to 4.15 and 5.x prior to 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.
Squid-cache Squid
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
668
VMScore
CVE-2002-0067
Squid 2.4 STABLE3 and previous versions does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote malicious users to bypass intended access restrictions.
Squid Squid
Redhat Linux 7.2
Redhat Linux 6.2
Redhat Linux 7.1
Redhat Linux 7.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »