Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Squid-cache Subscribe
Total 88 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19132 2 Debian, Squid-cache 2 Debian Linux, Squid 2020-07-10 4.3 MEDIUM 5.9 MEDIUM
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVE-2019-18678 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2020-07-10 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18677 3 Canonical, Fedoraproject, Squid-cache 3 Ubuntu Linux, Fedora, Squid 2020-07-10 5.8 MEDIUM 6.1 MEDIUM
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
CVE-2019-13345 2 Debian, Squid-cache 2 Debian Linux, Squid 2020-07-10 4.3 MEDIUM 6.1 MEDIUM
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
CVE-2019-18679 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2020-07-10 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2016-4051 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 6.8 MEDIUM 8.8 HIGH
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
CVE-2015-3455 3 Fedoraproject, Oracle, Squid-cache 4 Fedora, Linux, Solaris and 1 more 2019-12-27 2.6 LOW N/A
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
CVE-2016-4053 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 4.3 MEDIUM 3.7 LOW
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4054 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 6.8 MEDIUM 8.1 HIGH
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4553 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 8.6 HIGH
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-4554 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 8.6 HIGH
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4555 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 7.5 HIGH
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4556 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 7.5 HIGH
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2018-1172 1 Squid-cache 1 Squid 2019-10-09 4.3 MEDIUM 5.9 MEDIUM
This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Was ZDI-CAN-6088.
CVE-2018-1000024 3 Canonical, Debian, Squid-cache 3 Ubuntu Linux, Debian Linux, Squid 2019-10-02 5.0 MEDIUM 7.5 HIGH
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2018-1000027 3 Canonical, Debian, Squid-cache 3 Ubuntu Linux, Debian Linux, Squid 2019-07-17 5.0 MEDIUM 7.5 HIGH
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2018-19131 1 Squid-cache 1 Squid 2018-12-11 4.3 MEDIUM 6.1 MEDIUM
Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVE-2013-4115 2 Opensuse, Squid-cache 2 Opensuse, Squid 2018-10-30 7.5 HIGH N/A
Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.
CVE-2014-9749 2 Opensuse, Squid-cache 2 Opensuse, Squid 2018-10-30 4.0 MEDIUM N/A
Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
CVE-2014-0128 2 Opensuse, Squid-cache 2 Opensuse, Squid 2018-10-30 5.0 MEDIUM N/A
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.