Latest squid-cache squid Vulnerabilities

SQUID-2023:11 Denial of Service in Cache Manager
Squid-Cache Squid>=5.0<=5.9
Squid-Cache Squid>=6.0<6.6
ubuntu/squid<4.10-1ubuntu1.10
ubuntu/squid<5.7-0ubuntu0.22.04.4
ubuntu/squid<6.1-2ubuntu1.3
ubuntu/squid<6.6-1
and 1 more
SQUID-2023:10 Denial of Service in HTTP Request parsing
Squid-Cache Squid>=3.1<=5.9
Squid-Cache Squid>=6.0.1<=6.5
Squid-Cache Squid=2.6
Squid-Cache Squid=2.7
Squid-Cache Squid=2.7-stable1
Squid-Cache Squid=2.7-stable2
and 13 more
Denial of Service in Helper Process management
Squid-Cache Squid<=6.4
ubuntu/squid<4.10-1ubuntu1.9
ubuntu/squid<5.7-0ubuntu0.22.04.3
ubuntu/squid<5.7-1ubuntu3.2
ubuntu/squid<6.1-2ubuntu1.2
ubuntu/squid<6.5-1
and 2 more
Denial of Service in HTTP Collapsed Forwarding in Squid
Squid-Cache Squid>=3.5<=5.9
debian/squid<=4.6-1+deb10u7, <=4.6-1+deb10u10, <=4.13-10+deb11u2, <=4.13-10+deb11u3, <=5.7-2, <=5.7-2+deb12u1
ubuntu/squid<5.7-0ubuntu0.22.04.4
ubuntu/squid<6.1-1
Denial of Service in HTTP Message Processing in Squid
Squid-Cache Squid<=6.4
ubuntu/squid<4.10-1ubuntu1.9
ubuntu/squid<5.7-0ubuntu0.22.04.3
ubuntu/squid<5.7-1ubuntu3.2
ubuntu/squid<6.1-2ubuntu1.2
ubuntu/squid<6.5-1
and 2 more
SQUID-2021:8 Denial of Service in Gopher gateway
Squid-Cache Squid<6.0.1
redhat/squid<6.0.1
ubuntu/squid<4.10-1ubuntu1.8
ubuntu/squid<5.7-0ubuntu0.22.04.2
ubuntu/squid<5.7-1ubuntu3.1
ubuntu/squid<6.1-1
and 3 more
SQUID-2023:4 Denial of Service in SSL Certificate validation
Squid-Cache Squid>=3.3.0.1<6.4
redhat/squid<6.4
ubuntu/squid<5.7-0ubuntu0.22.04.2
ubuntu/squid<5.7-1ubuntu3.1
ubuntu/squid<6.1-2ubuntu1.1
debian/squid<=4.13-10+deb11u2, <=5.7-2
Squid: denial of service in ftp
Squid-Cache Squid>=5.0.3<6.4
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=9.2
Redhat Enterprise Linux Server Aus=9.2
Redhat Enterprise Linux Server Tus=9.2
redhat/squid<6.4
and 5 more
Squid: denial of service in http digest authentication
Squid-Cache Squid>=3.2.0.1<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 24 more
Squid: dos against http and https
Squid-Cache Squid<6.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/squid<6.4
and 4 more
Squid: request/response smuggling in http/1.1 and icap
Squid-Cache Squid>=2.6<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 20 more
An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via...
Squid-Cache Squid>=4.9<=4.17
Squid-Cache Squid>=5.0.6<5.7
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended me...
Squid-Cache Squid>=2.5<5.7
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.17
Squid-Cache Squid>=5.0<5.6
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 1 more
An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allo...
Squid-Cache Squid>=5.0.6<5.2
Fedoraproject Fedora=35
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The...
Squid-Cache Squid>=3.0<4.15
Squid-Cache Squid>=5.0<5.0.6
Squid-Cache Squid=2.5.stable2
Squid-Cache Squid=2.5.stable3
Squid-Cache Squid=2.5.stable4
Squid-Cache Squid=2.5.stable5
and 23 more
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expect...
Squid-Cache Squid<4.15
Squid-Cache Squid>=5.0<5.0.6
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Debian Debian Linux=9.0
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends ...
Squid-Cache Squid<4.15
Squid-Cache Squid>=5.0<5.0.6
Debian Debian Linux=9.0
Debian Debian Linux=10.0
NetApp Cloud Manager
Fedoraproject Fedora=33
and 2 more
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range r...
Squid-Cache Squid<4.15
Squid-Cache Squid>=5.0<5.0.6
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 2 more
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a smal...
debian/squid<=4.13-9, <=4.6-1, <=4.6-1+deb10u5
Squid-Cache Squid>=2.0<4.15
Squid-Cache Squid>=5.0<5.0.6
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 3 more
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client ...
debian/squid<=4.6-1+deb10u5, <=4.6-1, <=4.13-9, <=4.6-1+deb10u4
Squid-Cache Squid>=1.0<4.15
Squid-Cache Squid>=5.0<5.0.6
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 2 more
An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly oc...
debian/squid<=4.6-1+deb10u4, <=4.6-1, <=4.13-9, <=4.6-1+deb10u5
Squid-Cache Squid>=4.0.1<4.15
Squid-Cache Squid>=5.0<5.0.6
Debian Debian Linux=10.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 1 more
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbid...
debian/squid<=4.13-7, <=4.6-1+deb10u4, <=4.6-1, <=4.13-5
Squid-Cache Squid>=2.0<4.14
Squid-Cache Squid>=5.0.1<5.0.5
Debian Debian Linux=10.0
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 9 more
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for rem...
debian/squid
Squid-Cache Squid<=4.14
Squid-Cache Squid>=5.0<=5.0.5
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Debian Debian Linux=10.0
and 1 more
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only oc...
debian/squid<=4.6-1, <=4.12-1, <=4.6-1+deb10u3
Squid-Cache Squid>=3.0<4.13
Squid-Cache Squid>=5.0.1<5.0.4
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
and 19 more
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache pois...
Squid-Cache Squid<4.13
Squid-Cache Squid>=5.0<5.0.4
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
Debian Debian Linux=9.0
and 19 more
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache pois...
debian/squid<=4.6-1+deb10u3, <=4.6-1, <=4.12-1
Squid-Cache Squid<4.13
Squid-Cache Squid>=5.0<5.0.4
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
and 19 more
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA...
Squid-Cache Squid>=5.0<5.0.3
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Ser...
Squid-Cache Squid>=3.1<=3.5.28
Squid-Cache Squid>=4.0<4.12
Squid-Cache Squid>=5.0<5.0.3
Fedoraproject Fedora=31
NetApp Cloud Manager
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an ...
Squid-Cache Squid>=2.0<=2.6
Squid-Cache Squid>=3.1<=3.5.28
Squid-Cache Squid>=4.0<4.12
Squid-Cache Squid>=5.0<5.0.3
Squid-Cache Squid=2.7
Squid-Cache Squid=2.7-stable2
and 21 more
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the atta...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<4.11
Squid-Cache Squid>=5.0<5.0.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
openSUSE Leap=15.1
and 15 more
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid le...
Squid-Cache Squid<=4.7
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the...
Squid-Cache Squid<=4.7
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
ubuntu/squid<4.8
and 2 more
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making an MD5 hash of the absolute URL of the ...
Squid-Cache Squid<=4.7
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=9.0
Debian Debian Linux=10.0
ubuntu/squid<4.8
and 2 more
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.7
Squid-Cache Squid>=5.0<=5.0.1
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
and 12 more
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression wh...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.10
Squid-Cache Squid>=5.0<=5.0.1
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=16.04
and 12 more
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Squid-Cache Squid<4.9
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
and 6 more
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions ...
Squid-Cache Squid<4.10
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
Debian Debian Linux=10.0
openSUSE Leap=15.1
and 16 more
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security fil...
Squid-Cache Squid<4.10
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
and 16 more
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
Squid-Cache Squid<4.10
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
openSUSE Leap=15.1
Fedoraproject Fedora=30
and 16 more
An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On s...
Squid-Cache Squid<4.10
openSUSE Leap=15.1
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
ubuntu/squid<4.8-1ubuntu2.2
and 6 more
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to inc...
Squid-Cache Squid>=2.0<=2.7
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.8
Squid-Cache Squid=2.7-stable2
Squid-Cache Squid=2.7-stable3
Squid-Cache Squid=2.7-stable4
and 20 more
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens co...
Squid-Cache Squid>=2.0<=2.7
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.8
Squid-Cache Squid=2.7-stable2
Squid-Cache Squid=2.7-stable3
Squid-Cache Squid=2.7-stable4
and 21 more
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. ...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.8
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
Canonical Ubuntu Linux=19.10
and 12 more
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. ...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.8
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
Canonical Ubuntu Linux=19.10
and 14 more
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go th...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.8
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
Canonical Ubuntu Linux=19.10
and 15 more
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to a URN request, Squid fai...
Squid-Cache Squid>=3.0<=3.5.28
Squid-Cache Squid>=4.0<=4.8
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
Canonical Ubuntu Linux=19.10
and 15 more
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpected...
Squid-Cache Squid>=4.0<=4.7
Debian Debian Linux=10.0
Fedoraproject Fedora=29
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
and 6 more
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain toke...
Squid-Cache Squid>=3.3.9<=3.5.28
Squid-Cache Squid>=4.0<=4.7
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
openSUSE Leap=15.0
and 11 more
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the de...
Squid-Cache Squid>=4.0.23<=4.7
Fedoraproject Fedora=29
Debian Debian Linux=10.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
and 15 more

© 2024 SecAlerts Pty Ltd.