Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port...
6.5AI Score
0.002EPSS
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT...
6.4AI Score
0.067EPSS
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password...
6.9AI Score
0.003EPSS
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some...
6.3AI Score
0.0004EPSS