CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

186 matches found

Tenable Nessus•added 2021/11/11 12:0 a.m.•35 views

RHEL 8 : squid:4 (RHSA-2021:4292)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4292 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have...

7.5CVSS6.8AI score0.95785EPSS

Exploits5References18

RedHat Linux•added 2021/11/09 5:37 p.m.•3 views

squid: denial of service issue in Cache Manager

A flaw was found in Squid. A parser validation bug could allow a trusted client with Cache Manager API access privileges to trigger memory leaks, potentially resulting in a denial of service against Squid. The highest threat from this vulnerability is to system availability...

4.9CVSS5.7AI score0.04341EPSS

Exploits1References5

Oracle linux•added 2021/09/24 12:0 a.m.•37 views

squid security update

7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...

7.5CVSS3.2AI score0.95785EPSS

Exploits5

Tenable Nessus•added 2021/09/24 12:0 a.m.•61 views

Oracle Linux 7 : squid (ELSA-2021-9465)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9465 advisory. - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manag...

7.5CVSS6.7AI score0.95785EPSS

Exploits5References7

Tenable Nessus•added 2021/06/15 12:0 a.m.•24 views

Debian DLA-2685-1 : squid3 security update

Several vulnerabilities were discovered in Squid, a proxy caching server. CVE-2021-28651 Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology tha...

7.5CVSS6.8AI score0.95785EPSS

Exploits5References9

OSV•added 2021/06/08 4:46 p.m.•9 views

MGASA-2021-0237 Updated squid packages fix security vulnerabilities

Updated squid packages fix security vulnerabilities: Due to improper input validation Squid is vulnerable to an HTTP Request Smuggling attack. This problem allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by Squid security controls CVE-2020-25097...

8.6CVSS6.7AI score0.95785EPSS

Exploits5References12

OSV•added 2021/06/03 4:24 p.m.•5 views

USN-4981-1 squid, squid3 vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. CVE-2021-28651 Joshua Rogers discovered that Squid incorrectly handled requests to the Cache...

7.5CVSS6.7AI score0.95785EPSS

Exploits5References8

Tenable Nessus•added 2021/06/03 12:0 a.m.•27 views

Ubuntu 18.04 LTS / 20.04 LTS : Squid vulnerabilities (USN-4981-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4981-1 advisory. Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cau...

7.5CVSS6.7AI score0.95785EPSS

Exploits5References8

Tenable Nessus•added 2021/06/03 12:0 a.m.•43 views

SUSE SLES12 Security Update : squid (SUSE-SU-2021:1838-1)

This update for squid fixes the following issues : update to 4.15 : CVE-2021-28652: Broken cache manager URL parsing bsc1185918 CVE-2021-28651: Memory leak in RFC 2169 response parsing bsc1185921 CVE-2021-28662: Limit HeaderLookupTablet::lookup to BadHdr and specific IDs bsc1185919 CVE-2021-31806...

8.6CVSS6.3AI score0.95785EPSS

Exploits4References19

OSV•added 2021/06/02 2:28 p.m.•4 views

SUSE-SU-2021:1838-1 Security update for squid

This update for squid fixes the following issues: - update to 4.15: - CVE-2021-28652: Broken cache manager URL parsing bsc1185918 - CVE-2021-28651: Memory leak in RFC 2169 response parsing bsc1185921 - CVE-2021-28662: Limit HeaderLookupTablet::lookup to BadHdr and specific IDs bsc1185919 -...

8.6CVSS6.3AI score0.95785EPSS

Exploits4References14

BDU FSTEC•added 2021/06/01 12:0 a.m.•1 views

The vulnerability of the Cache Manager API of the Squid proxy server allows a hacker to induce a service failure.

The vulnerability of the Squid proxy server’s Cache Manager API component is related to memory release errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS6.5AI score0.04341EPSS

Exploits1References12Affected Software5

OpenVAS•added 2021/05/28 12:0 a.m.•14 views

Squid 1.0 < 4.14, 5.0 < 5.0.5 DoS Vulnerability (GHSA-m47m-9hvw-7447, SQUID-2021:3)

Squid is prone to a denial of service DoS vulnerability in the Cache Manager. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.9CVSS6.4AI score0.04341EPSS

Exploits1References6

OSV•added 2021/05/27 12:15 p.m.•25 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short que...

4.9CVSS6.5AI score

Exploits0References8