|Max CVSS||7.5||Min CVSS||2.6||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
|21-07-2021 - 11:39||04-02-2020 - 20:15|
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s
|17-03-2021 - 12:40||23-04-2020 - 15:15|
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
|11-07-2020 - 00:15||05-07-2019 - 16:15|
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response. <a href="http://cwe.mitre.org/data/definitions/415.html">
|27-12-2019 - 16:08||10-05-2016 - 19:59|
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle atta
|27-12-2019 - 16:08||18-05-2015 - 15:59|
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
|16-03-2018 - 01:29||07-04-2016 - 18:59|
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 22.214.171.124 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack req
|05-01-2018 - 02:30||27-01-2017 - 17:59|
HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."
|07-01-2017 - 03:00||11-09-2014 - 18:55|