Vulnerabilities > Squid Cache

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-45802 Unspecified vulnerability in Squid-Cache Squid
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache
7.5
2024-01-24 CVE-2024-23638 Operation on a Resource after Expiration or Release vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web.
network
low complexity
squid-cache CWE-672
6.5
2023-12-14 CVE-2023-50269 Unspecified vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web.
network
low complexity
squid-cache
7.5
2023-12-04 CVE-2023-49285 Out-of-bounds Read vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-125
7.5
2023-12-04 CVE-2023-49286 Reachable Assertion vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-617
7.5
2023-12-04 CVE-2023-49288 Unspecified vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache
7.5
2023-11-06 CVE-2023-46728 Unspecified vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache
7.5
2023-11-03 CVE-2023-46846 HTTP Request Smuggling vulnerability in multiple products
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
network
low complexity
squid-cache redhat CWE-444
5.3
2023-11-03 CVE-2023-46847 Classic Buffer Overflow vulnerability in multiple products
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
network
low complexity
squid-cache redhat CWE-120
7.5
2023-11-03 CVE-2023-46848 Incorrect Conversion between Numeric Types vulnerability in multiple products
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
network
low complexity
squid-cache redhat CWE-681
7.5