Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-50269
Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 up to and including 2.7.STABLE9, versions 3.1 up to and including 5.9, and versions 6.0.1 up to and including 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request...
Squid-cache Squid 2.6
Squid-cache Squid 2.7
Squid-cache Squid
5.9
CVSSv3
CVE-2016-2390
The FwdState::connectedToPeer method in FwdState.cc in Squid prior to 3.5.14 and 4.0.x prior to 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote malicious users to cause a denial of service (application crash) via ...
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
Squid-cache Squid
8.2
CVSSv3
CVE-2016-3947
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid prior to 3.5.16 and 4.x prior to 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log ...
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 4.0.1
Squid-cache Squid 4.0.6
Squid-cache Squid 4.0.7
Squid-cache Squid
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
NA
CVE-2005-0211
Buffer overflow in wccp.c in Squid 2.5 prior to 2.5.STABLE7 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
Squid-cache Squid 2.5.stable1
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable4
Debian Debian Linux 3.0
8.8
CVSSv3
CVE-2020-15049
An issue exists in http/ContentLengthInterpreter.cc in Squid prior to 4.12 and 5.x prior to 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an un...
Squid-cache Squid 2.7
Squid-cache Squid
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2023-49285
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no kno...
Squid-cache Squid
7.5
CVSSv3
CVE-2023-49286
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to...
Squid-cache Squid
7.5
CVSSv3
CVE-2023-49288
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured wi...
Squid-cache Squid
7.5
CVSSv3
CVE-2023-46724
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 up to and including 5.9 and 6.0 before 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This pro...
Squid-cache Squid
7.5
CVSSv3
CVE-2023-46728
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0...
Squid-cache Squid
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »