Vulnerabilities > Squid Cache > Squid > 3.0.stable13

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2019-12524 Missing Authentication for Critical Function vulnerability in multiple products
An issue was discovered in Squid through 4.7.
network
low complexity
squid-cache debian canonical CWE-306
7.5
7.5
2020-04-15 CVE-2019-12522 Improper Privilege Management vulnerability in Squid-Cache Squid
An issue was discovered in Squid through 4.7. 		4.4
4.4
2020-04-15 CVE-2019-12521 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid through 4.7. 		4.3
4.3
2020-03-20 CVE-2019-18860 Injection vulnerability in multiple products
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
network
low complexity
squid-cache debian canonical opensuse CWE-74
6.1
6.1
2020-02-04 CVE-2019-12528 An issue was discovered in Squid before 4.10. 7.5
7.5
2020-02-04 CVE-2020-8517 Improper Input Validation vulnerability in multiple products
An issue was discovered in Squid before 4.10.
network
low complexity
squid-cache opensuse canonical CWE-20
5.0
5.0
2020-02-04 CVE-2020-8450 Incorrect Calculation of Buffer Size vulnerability in multiple products
An issue was discovered in Squid before 4.10. 		7.3
7.3
2020-02-04 CVE-2020-8449 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An issue was discovered in Squid before 4.10. 		7.5
7.5
2019-11-26 CVE-2019-18679 Information Exposure vulnerability in multiple products
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. 		7.5
7.5
2019-11-26 CVE-2019-18678 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8. 		5.3
5.3