Vulnerabilities > Squid Cache
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-24 | CVE-2024-23638 | Operation on a Resource after Expiration or Release vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web. | 6.5 |
| 2023-12-14 | CVE-2023-50269 | Uncontrolled Recursion vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web. | 7.5 |
| 2023-12-04 | CVE-2023-49285 | Out-of-bounds Read vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-12-04 | CVE-2023-49286 | Reachable Assertion vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-12-04 | CVE-2023-49288 | Use After Free vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-11-06 | CVE-2023-46728 | NULL Pointer Dereference vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. | 7.5 |
| 2023-11-03 | CVE-2023-46846 | HTTP Request Smuggling vulnerability in multiple products SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. | 5.3 |
| 2023-11-03 | CVE-2023-46847 | Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | 7.5 |
| 2023-11-03 | CVE-2023-46848 | Incorrect Conversion between Numeric Types vulnerability in multiple products Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | 7.5 |
| 2023-11-03 | CVE-2023-5824 | Improper Handling of Exceptional Conditions vulnerability in multiple products Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug. | 7.5 |