Vulnerabilities > Squid Cache > Squid > 5.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-46847 | Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | 7.5 |
| 2023-11-03 | CVE-2023-46848 | Incorrect Conversion between Numeric Types vulnerability in multiple products Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | 7.5 |
| 2023-11-03 | CVE-2023-5824 | Improper Handling of Exceptional Conditions vulnerability in multiple products A flaw was found in Squid. | 7.5 |
| 2023-11-01 | CVE-2023-46724 | Improper Certificate Validation vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web. | 7.5 |
| 2022-12-25 | CVE-2022-41317 | Incorrect Comparison vulnerability in Squid-Cache Squid An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. | 6.5 |
| 2022-12-25 | CVE-2022-41318 | Integer Overflow or Wraparound vulnerability in Squid-Cache Squid A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. | 8.6 |
| 2022-07-17 | CVE-2021-46784 | Reachable Assertion vulnerability in multiple products In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. | 6.5 |