Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2016-2390
The FwdState::connectedToPeer method in FwdState.cc in Squid prior to 3.5.14 and 4.0.x prior to 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote malicious users to cause a denial of service (application crash) via ...
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
Squid-cache Squid
7.5
CVSSv3
CVE-2023-50269
Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 up to and including 2.7.STABLE9, versions 3.1 up to and including 5.9, and versions 6.0.1 up to and including 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request...
Squid-cache Squid 2.6
Squid-cache Squid 2.7
Squid-cache Squid
8.2
CVSSv3
CVE-2016-3947
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid prior to 3.5.16 and 4.x prior to 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log ...
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 4.0.1
Squid-cache Squid 4.0.6
Squid-cache Squid 4.0.7
Squid-cache Squid
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
NA
CVE-2005-0211
Buffer overflow in wccp.c in Squid 2.5 prior to 2.5.STABLE7 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
Squid-cache Squid 2.5.stable1
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable4
Debian Debian Linux 3.0
8.8
CVSSv3
CVE-2020-15049
An issue exists in http/ContentLengthInterpreter.cc in Squid prior to 4.12 and 5.x prior to 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an un...
Squid-cache Squid 2.7
Squid-cache Squid
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2022-41317
An issue exists in Squid 4.9 up to and including 4.17 and 5.0.6 up to and including 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixe...
Squid-cache Squid
8.6
CVSSv3
CVE-2022-41318
A buffer over-read exists in libntlmauth in Squid 2.5 up to and including 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these loc...
Squid-cache Squid
NA
CVE-2015-0881
CRLF injection vulnerability in Squid prior to 3.1.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.
Squid-cache Squid
7.5
CVSSv3
CVE-2023-49288
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured wi...
Squid-cache Squid
7.5
CVSSv3
CVE-2023-46724
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 up to and including 5.9 and 6.0 before 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This pro...
Squid-cache Squid
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »