| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-12527 | 6.8 |
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leadin
|
28-02-2023 - 20:49 | 11-07-2019 - 19:15 | |
| CVE-2019-12529 | 4.3 |
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be
|
26-04-2022 - 20:22 | 11-07-2019 - 19:15 | |
| CVE-2019-12525 | 7.5 |
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if t
|
26-04-2022 - 20:18 | 11-07-2019 - 19:15 | |
| CVE-2019-12854 | 5.0 |
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clien
|
01-01-2022 - 20:18 | 15-08-2019 - 17:15 | |
| CVE-2019-13345 | 4.3 |
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
|
11-07-2020 - 00:15 | 05-07-2019 - 16:15 |