Vulnerabilities > Squid Cache > Squid > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2021-28116 | Out-of-bounds Read vulnerability in multiple products Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. | 5.3 |
| 2020-09-02 | CVE-2020-15811 | Incorrect Comparison vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. | 6.5 |
| 2020-09-02 | CVE-2020-15810 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. | 6.5 |
| 2020-06-30 | CVE-2020-14059 | Improper Synchronization vulnerability in Squid-Cache Squid 5.0/5.0.1/5.0.2 An issue was discovered in Squid 5.x before 5.0.3. | 4.0 |
| 2020-04-15 | CVE-2019-12520 | Improper Input Validation vulnerability in multiple products An issue was discovered in Squid through 4.7 and 5. | 5.0 |
| 2020-04-15 | CVE-2019-12522 | Improper Privilege Management vulnerability in Squid-Cache Squid An issue was discovered in Squid through 4.7. | 4.4 |
| 2020-04-15 | CVE-2019-12521 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid through 4.7. | 4.3 |
| 2020-03-20 | CVE-2019-18860 | Injection vulnerability in multiple products Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. | 6.1 |
| 2020-02-04 | CVE-2020-8517 | Improper Input Validation vulnerability in multiple products An issue was discovered in Squid before 4.10. | 5.0 |
| 2019-11-26 | CVE-2019-18678 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid 3.x and 4.x through 4.8. | 5.3 |