Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-12525 7.5
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if t
26-04-2022 - 20:18 11-07-2019 - 19:15
CVE-2020-11945 7.5
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s
17-03-2021 - 12:40 23-04-2020 - 15:15
CVE-2019-12519 7.5
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expr
11-02-2021 - 14:43 15-04-2020 - 20:15
CVE-2019-13345 4.3
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
11-07-2020 - 00:15 05-07-2019 - 16:15
CVE-2018-1000024 5.0
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This att
03-10-2019 - 00:03 09-02-2018 - 23:29
CVE-2018-1000027 5.0
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the pro
17-07-2019 - 16:15 09-02-2018 - 23:29
Back to Top Mark selected
Back to Top