Vulnerabilities > Squid Cache > Squid > 4.0.16
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2019-12523 | An issue was discovered in Squid before 4.9. | 9.1 |
| 2019-08-15 | CVE-2019-12854 | Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. | 7.5 |
| 2019-07-11 | CVE-2019-12529 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. | 5.9 |
| 2019-07-11 | CVE-2019-12525 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. | 9.8 |
| 2019-07-05 | CVE-2019-13345 | Cross-site Scripting vulnerability in multiple products The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter. | 6.1 |
| 2018-11-09 | CVE-2018-19132 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet. | 4.3 |
| 2018-11-09 | CVE-2018-19131 | Cross-site Scripting vulnerability in Squid-Cache Squid Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. | 4.3 |
| 2018-02-09 | CVE-2018-1000027 | NULL Pointer Dereference vulnerability in multiple products The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. | 5.0 |
| 2018-02-09 | CVE-2018-1000024 | The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. | 5.0 |
| 2017-01-27 | CVE-2016-10003 | Incorrect Comparison vulnerability in Squid-Cache Squid Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. | 7.5 |