Lucene search
K

26 matches found

CloudLinux
CloudLinux
added 2026/04/29 7:8 a.m.9 views

squid: Fix of 3 CVEs

CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...

9.8CVSS6.8AI score0.05765EPSS
Exploits0
OSV
OSV
added 2026/04/28 1:48 p.m.8 views

CLSA-2026-1777384121 squid: Fix of 3 CVEs

CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...

9.8CVSS6.9AI score0.05765EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: squid:4 (TSSA-2022:0124)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0124 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.9CVSS7.4AI score0.74477EPSS
Exploits1References26
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2019-12521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a sta...

5.9CVSS6.8AI score0.05765EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.38 views

Rocky Linux 8 : squid:4 (RLSA-2020:4743)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4743 advisory. - An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does thi...

9.9CVSS7.5AI score0.7179EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.30 views

Amazon Linux 2 : squid (ALASSQUID4-2023-008)

The version of squid installed on the remote host is prior to 4.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-008 advisory. A flaw was found in Squid through version 4.7. When handling the tag esi:when, when ESI is enabled, Squid calls the...

9.8CVSS7.3AI score0.27246EPSS
Exploits0References10
Amazon
Amazon
added 2023/09/25 12:0 a.m.6 views

Important: squid

Issue Overview: A flaw was found in Squid through version 4.7. When handling the tag esi:when, when ESI is enabled, Squid calls the ESIExpression::Evaluate function which uses a fixed stack buffer to hold the expression. While processing the expression, there is no check to ensure that the stack...

9.8CVSS8.5AI score0.27246EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.4 views

SUSE CVE-2019-12521

An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elemen...

6.5CVSS7.4AI score0.05765EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2020:14460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS6.7AI score0.74477EPSS
Exploits1References20
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:1156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.27246EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2020:1134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.27246EPSS
Exploits0References8
OSV
OSV
added 2020/11/03 12:32 p.m.29 views

ALSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...

9.9CVSS9.2AI score0.7179EPSS
Exploits0References19
OSV
OSV
added 2020/11/03 12:32 p.m.38 views

RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...

8.5CVSS9.1AI score0.7179EPSS
Exploits0References19
AlmaLinux
AlmaLinux
added 2020/11/03 12:32 p.m.56 views

Moderate: squid:4 security, bug fix, and enhancement update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...

9.9CVSS8.9AI score0.7179EPSS
Exploits0References19
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-2127)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.7179EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/09/04 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1931)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.27246EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.36 views

EulerOS 2.0 SP5 : squid (EulerOS-SA-2020-1931)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that...

9.8CVSS7.5AI score0.27246EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/07/31 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1828)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.27246EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.42 views

EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1828)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This functi...

9.8CVSS7.5AI score0.27246EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/05/15 12:0 a.m.38 views

SUSE SLES12 Security Update : squid (SUSE-SU-2020:1227-1)

This update for squid fixes the following issues : CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses bsc1169659. CVE-2020-11945: fixes a potential remote execution...

9.8CVSS6.7AI score0.27246EPSS
Exploits0References14
Rows per page
Query Builder