Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid squid web proxy cache 2.7 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
516
VMScore
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
505
VMScore
CVE-2009-0478
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote malicious users to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.
Squid Squid 3.0.stable8
Squid Squid 3.0.stable9
Squid Squid 3.1.0.2
Squid Squid 2.7.stable3
Squid Squid 3.0.stable3
Squid Squid 3.1
Squid Squid 3.0.stable1
Squid Squid 3.0.stable10
Squid Squid 3.0.stable12
Squid Squid 2.7.stable4
Squid Squid 3.0.stable7
Squid Squid 2.7.stable5
Squid Squid 3.0.stable6
Squid Squid 2.7.stable2
Squid Squid 3.1.0.1
Squid Squid 3.0.stable2
Squid Squid 3.0.stable4
Squid Squid 3.0.stable11
Squid Squid 2.7.stable1
Squid Squid 3.0.stable5
Squid Squid 3.1.0.3
Squid Squid 3.1.0.4
1 EDB exploit
483
VMScore
CVE-2009-0801
Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote malicious users to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted ...
Squid Squid Web Proxy Cache 3.0 Stable6
Squid Squid Web Proxy Cache 2.7.stable6
Squid Squid Web Proxy Cache 3.0 Stable7
Squid Squid Web Proxy Cache 2.7.stable5
Squid Squid Web Proxy Cache 3.0 Stable5
Squid Squid Web Proxy Cache 3.0 Stable13
Squid Squid Web Proxy Cache 3.0 Stable4
Squid Squid Web Proxy Cache 3.0 Stable3
Squid Squid Web Proxy Cache 2.7
Squid Squid Web Proxy Cache 3.0 Pre2
Squid Squid Web Proxy Cache 3.0 Stable12
Squid Squid Web Proxy Cache 3.0 Stable1
Squid Squid Web Proxy Cache 3.0 Pre1
Squid Squid Web Proxy Cache 3.0 Pre3
Squid Squid Web Proxy Cache 3.0
Squid Squid Web Proxy Cache 3.0 Stable2
7 Github repositories
445
VMScore
CVE-2019-18678
An issue exists in Squid 3.x and 4.x up to and including 4.8. It allows malicious users to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and S...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2012-5643
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x prior to 3.1.22, 3.2.x prior to 3.2.4, and 3.3.x prior to 3.3.0.2 allow remote malicious users to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST r...
Squid-cache Squid 2.6
Squid-cache Squid 2.0
Squid-cache Squid 2.7
Squid-cache Squid 2.2
Squid-cache Squid 2.3
Squid-cache Squid 2.5
Squid-cache Squid 2.1
Squid-cache Squid 2.4
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.1.21
Squid-cache Squid 3.0
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.1.13
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.1.0.12
445
VMScore
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote malicious users to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Squid-cache Squid 2.7
383
VMScore
CVE-2021-28116
Squid up to and including 4.14 and 5.x up to and including 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Debian Debian Linux 11.0
383
VMScore
CVE-2019-18860
Squid prior to 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »