Vulnerabilities > Squid Cache
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-28 | CVE-2024-45802 | Unspecified vulnerability in Squid-Cache Squid Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2024-01-24 | CVE-2024-23638 | Operation on a Resource after Expiration or Release vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web. | 6.5 |
| 2023-12-14 | CVE-2023-50269 | Uncontrolled Recursion vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web. | 7.5 |
| 2023-12-04 | CVE-2023-49285 | Out-of-bounds Read vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-12-04 | CVE-2023-49286 | Reachable Assertion vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-12-04 | CVE-2023-49288 | Use After Free vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-11-06 | CVE-2023-46728 | NULL Pointer Dereference vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-11-03 | CVE-2023-46846 | HTTP Request Smuggling vulnerability in multiple products SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. | 5.3 |
| 2023-11-03 | CVE-2023-46847 | Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | 7.5 |
| 2023-11-03 | CVE-2023-46848 | Incorrect Conversion between Numeric Types vulnerability in multiple products Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | 7.5 |