Vulnerabilities > Squid Cache > Squid > 3.0.stable3

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-49285 Out-of-bounds Read vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-125
7.5
7.5
2023-12-04 CVE-2023-49286 Reachable Assertion vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-617
7.5
7.5
2023-11-06 CVE-2023-46728 NULL Pointer Dereference vulnerability in Squid-Cache Squid
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache CWE-476
7.5
7.5
2023-11-03 CVE-2023-46846 HTTP Request Smuggling vulnerability in multiple products
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
network
low complexity
squid-cache redhat CWE-444
5.3
5.3
2022-12-25 CVE-2022-41318 Integer Overflow or Wraparound vulnerability in Squid-Cache Squid
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6.
network
low complexity
squid-cache CWE-190
8.6
8.6
2022-07-17 CVE-2021-46784 Reachable Assertion vulnerability in multiple products
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
network
low complexity
squid-cache debian CWE-617
6.5
6.5
2021-06-08 CVE-2021-31807 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache fedoraproject netapp CWE-190
6.5
6.5
2021-05-28 CVE-2021-33620 Improper Input Validation vulnerability in multiple products
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response.
network
low complexity
squid-cache fedoraproject debian CWE-20
6.5
6.5
2021-05-27 CVE-2021-31808 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian netapp fedoraproject CWE-190
6.5
6.5
2021-05-27 CVE-2021-31806 Improper Encoding or Escaping of Output vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian fedoraproject netapp CWE-116
6.5
6.5