Squid-cache

Squid

106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-62168

  • EPSS 0.07%
  • Veröffentlicht 17.10.2025 16:21:30
  • Zuletzt bearbeitet 05.11.2025 17:15:45

Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows information disclosure. The vulnerability allows a script to bypass browser security protections and le...

4

CVE-2025-59362

Exploit
  • EPSS 0.09%
  • Veröffentlicht 26.09.2025 16:15:48
  • Zuletzt bearbeitet 07.10.2025 18:50:14

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.

9.8

CVE-2025-54574

  • EPSS 0.78%
  • Veröffentlicht 01.08.2025 18:02:19
  • Zuletzt bearbeitet 05.11.2025 17:15:43

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To wo...

7.5

CVE-2024-45802

  • EPSS 1.28%
  • Veröffentlicht 28.10.2024 15:15:04
  • Zuletzt bearbeitet 03.11.2025 21:16:21

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerab...

6.3

CVE-2024-37894

  • EPSS 1.31%
  • Veröffentlicht 25.06.2024 20:15:11
  • Zuletzt bearbeitet 03.11.2025 21:16:14

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack.

7.5

CVE-2024-25111

  • EPSS 3.05%
  • Veröffentlicht 06.03.2024 19:15:07
  • Zuletzt bearbeitet 03.11.2025 21:16:07

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause D...

7.5

CVE-2024-25617

  • EPSS 1.02%
  • Veröffentlicht 14.02.2024 21:15:08
  • Zuletzt bearbeitet 25.06.2025 20:51:35

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote ...

6.5

CVE-2024-23638

Exploit
  • EPSS 14.31%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 21.11.2024 08:58:03

Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Ser...

7.5

CVE-2023-50269

  • EPSS 1.04%
  • Veröffentlicht 14.12.2023 18:15:45
  • Zuletzt bearbeitet 21.11.2024 08:36:47

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsi...

7.5

CVE-2023-49285

  • EPSS 8.44%
  • Veröffentlicht 04.12.2023 23:15:27
  • Zuletzt bearbeitet 21.11.2024 08:33:11

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advise...