Squid-cache

Squid

104 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-5400

Exploit
  • EPSS 19.75%
  • Published 28.09.2015 20:59:03
  • Last modified 12.04.2025 10:46:40

Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.

2.6

CVE-2015-3455

  • EPSS 5.01%
  • Published 18.05.2015 15:59:11
  • Last modified 12.04.2025 10:46:40

Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle atta...

4.3

CVE-2015-0881

  • EPSS 4.38%
  • Published 20.02.2015 11:59:04
  • Last modified 12.04.2025 10:46:40

CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.

6.4

CVE-2014-7142

  • EPSS 64.23%
  • Published 26.11.2014 15:59:04
  • Last modified 12.04.2025 10:46:40

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

6.4

CVE-2014-7141

  • EPSS 77.33%
  • Published 26.11.2014 15:59:03
  • Last modified 12.04.2025 10:46:40

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

6.8

CVE-2014-6270

  • EPSS 18.2%
  • Published 12.09.2014 14:55:07
  • Last modified 12.04.2025 10:46:40

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, whic...

5

CVE-2014-3609

  • EPSS 82.85%
  • Published 11.09.2014 18:55:05
  • Last modified 12.04.2025 10:46:40

HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."

5

CVE-2014-0128

  • EPSS 54.97%
  • Published 14.04.2014 15:09:05
  • Last modified 12.04.2025 10:46:40

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.

7.8

CVE-2013-1839

  • EPSS 36.54%
  • Published 30.09.2013 22:55:04
  • Last modified 11.04.2025 00:51:21

The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.

5

CVE-2013-4123

  • EPSS 75.78%
  • Published 16.09.2013 19:14:38
  • Last modified 11.04.2025 00:51:21

client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.