Vulnerabilities > Squid Cache

DATE CVE VULNERABILITY TITLE RISK
2020-02-04 CVE-2020-8449 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An issue was discovered in Squid before 4.10.
7.5
2019-11-26 CVE-2019-18679 Information Exposure vulnerability in multiple products
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8.
7.5
2019-11-26 CVE-2019-18678 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8.
5.3
2019-11-26 CVE-2019-18677 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions).
network
low complexity
squid-cache canonical fedoraproject CWE-352
6.1
2019-11-26 CVE-2019-18676 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8.
7.5
2019-11-26 CVE-2019-12526 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian CWE-787
critical
9.8
2019-11-26 CVE-2019-12523 An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian
critical
9.1
2019-08-15 CVE-2019-12854 Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. 7.5
2019-07-11 CVE-2019-12529 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7.
5.9
2019-07-11 CVE-2019-12527 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 4.0.23 through 4.7.
8.8