Vulmon
squid vulnerabilities and exploits
7.3
CVSSv3
CVE-2020-8450
An issue exists in Squid prior to 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.1
CVSSv3
CVE-2019-3688
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromised the sq...
Suse Suse Linux Enterprise Server 12
Suse Suse Linux Enterprise Server 15
7
CVSSv3
CVE-2019-18932
log.c in Squid Analysis Report Generator (sarg) up to and including 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can ...
Squid Analysis Report Generator Project Squid Analysis Report Generator
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.5
CVSSv3
CVE-2024-23638
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pag...
Squid-cache Squid
6.5
CVSSv3
CVE-2023-4091
A vulnerability exists in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the ...
Samba Samba
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
6.5
CVSSv3
CVE-2022-41317
An issue exists in Squid 4.9 up to and including 4.17 and 5.0.6 up to and including 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixe...
Squid-cache Squid
6.5
CVSSv3
CVE-2021-46784
In Squid 3.x up to and including 3.5.28, 4.x up to and including 4.17, and 5.x prior to 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
Squid-cache Squid
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.5
CVSSv3
CVE-2021-31807
An issue exists in Squid prior to 4.15 and 5.x prior to 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any...
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.6
Squid-cache Squid 2.5.stable9
Squid-cache Squid 2.7
Squid-cache Squid 2.5.stable4
Squid-cache Squid 2.5.stable7
Squid-cache Squid 2.5.stable14
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable12
Squid-cache Squid 2.5.stable13
Squid-cache Squid 2.5.stable11
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable8
Squid-cache Squid 2.5.stable10
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Manager -
6.5
CVSSv3
CVE-2021-33620
Squid prior to 4.15 and 5.x prior to 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2021-31808
An issue exists in Squid prior to 4.15 and 5.x prior to 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Cloud Manager -
Fedoraproject Fedora 33
Fedoraproject Fedora 34