Vulnerabilities > Squid Cache > Squid

DATE CVE VULNERABILITY TITLE RISK
2020-02-04 CVE-2020-8517 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.10.
network
low complexity
squid-cache opensuse canonical CWE-787
7.5
7.5
2020-02-04 CVE-2020-8450 Incorrect Calculation of Buffer Size vulnerability in multiple products
An issue was discovered in Squid before 4.10. 		7.3
7.3
2020-02-04 CVE-2020-8449 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An issue was discovered in Squid before 4.10. 		7.5
7.5
2019-11-26 CVE-2019-18679 Information Exposure vulnerability in multiple products
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. 		7.5
7.5
2019-11-26 CVE-2019-18678 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8. 		5.3
5.3
2019-11-26 CVE-2019-18677 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions).
network
low complexity
squid-cache canonical fedoraproject CWE-352
6.1
6.1
2019-11-26 CVE-2019-18676 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8. 		7.5
7.5
2019-11-26 CVE-2019-12526 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian CWE-787
critical
 9.8
9.8
2019-11-26 CVE-2019-12523 An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian
critical
 9.1
9.1
2019-08-15 CVE-2019-12854 Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. 7.5
7.5