High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-04	CVE-2020-8517	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache opensuse canonical CWE-787	7.5
2020-02-04	CVE-2020-8450	Incorrect Calculation of Buffer Size vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache canonical opensuse fedoraproject debian CWE-131	7.3
2020-02-04	CVE-2020-8449	Exposure of Resource to Wrong Sphere vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache debian canonical opensuse fedoraproject CWE-668	7.5
2019-11-26	CVE-2019-18679	Information Exposure vulnerability in multiple products An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. network low complexity squid-cache canonical debian fedoraproject CWE-200	7.5
2019-11-26	CVE-2019-18676	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 3.x and 4.x through 4.8. network low complexity squid-cache canonical fedoraproject debian CWE-787	7.5
2019-08-15	CVE-2019-12854	Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. network low complexity squid-cache debian fedoraproject canonical opensuse	7.5
2019-07-11	CVE-2019-12527	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 4.0.23 through 4.7. network low complexity squid-cache fedoraproject debian canonical redhat CWE-787	8.8
2018-02-09	CVE-2018-1000027	NULL Pointer Dereference vulnerability in multiple products The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. network low complexity squid-cache debian canonical CWE-476	7.5
2018-02-09	CVE-2018-1000024	The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. network low complexity squid-cache debian canonical	7.5
2017-01-27	CVE-2016-10003	Incorrect Comparison vulnerability in Squid-Cache Squid Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. network low complexity squid-cache CWE-697	7.5