Vulnerabilities > Squid Cache > Squid > 3.0.stable13

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-49285 Out-of-bounds Read vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-125
7.5
2023-12-04 CVE-2023-49286 Reachable Assertion vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-617
7.5
2023-11-06 CVE-2023-46728 NULL Pointer Dereference vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-476
7.5
2023-11-03 CVE-2023-46846 HTTP Request Smuggling vulnerability in multiple products
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
network
low complexity
squid-cache redhat CWE-444
5.3
2023-11-03 CVE-2023-5824 Improper Handling of Exceptional Conditions vulnerability in multiple products
Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
network
low complexity
squid-cache redhat CWE-755
7.5
2022-12-25 CVE-2022-41318 Integer Overflow or Wraparound vulnerability in Squid-Cache Squid
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6.
network
low complexity
squid-cache CWE-190
8.6
2022-07-17 CVE-2021-46784 Reachable Assertion vulnerability in multiple products
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
network
low complexity
squid-cache debian CWE-617
6.5
2021-06-08 CVE-2021-31807 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache fedoraproject netapp CWE-190
6.5
2021-05-28 CVE-2021-33620 Improper Input Validation vulnerability in multiple products
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response.
network
low complexity
squid-cache fedoraproject debian CWE-20
6.5
2021-05-27 CVE-2021-31808 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian netapp fedoraproject CWE-190
6.5