Lucene search
K

43 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/19 12:0 a.m.43 views

RHEL 8 : squid:4 (RHSA-2024:1375)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1375 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: deni...

8.6CVSS7.1AI score0.88864EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/03/18 12:0 a.m.4 views

The vulnerability of the HttpStateData() function in the Chunked decoder of the Squid proxy server allows a hacker to induce a service failure.

The vulnerability of the HttpStateData function in the Chunked decoder of the Squid proxy server is related to buffer overflows in the stack due to uncontrolled recursion during HTTP message processing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

8.6CVSS7.9AI score0.65254EPSS
Exploits0References7Affected Software3
CNVD
CNVD
added 2024/03/12 12:0 a.m.4 views

Squid Denial of Service Vulnerability (CNVD-2024-13541)

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A denial of service vulnerability exists in Squid that stems from the presence of a recursion error, which can be...

8.6CVSS6.4AI score0.65254EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/03/08 4:51 a.m.4 views

SUSE CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

7.5CVSS6.6AI score0.65254EPSS
Exploits0References7
OSV
OSV
added 2024/03/06 7:15 p.m.6 views

AZL-42511 CVE-2024-25111 affecting package squid 5.7-5

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

7.5CVSS5.7AI score0.65254EPSS
Exploits0References1
NVD
NVD
added 2024/03/06 7:15 p.m.17 views

CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

8.6CVSS8.2AI score0.65254EPSS
Exploits0References6
OSV
OSV
added 2024/03/06 7:15 p.m.3 views

DEBIAN-CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

7.5CVSS7.8AI score0.65254EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/03/06 7:15 p.m.37 views

CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

8.6CVSS7.1AI score0.65254EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2024/03/06 6:14 p.m.31 views

CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

8.6CVSS6.7AI score0.65254EPSS
Exploits0References6
CVE
CVE
added 2024/03/06 6:14 p.m.268 views

CVE-2024-25111

Squid (web proxy cache) is affected by CVE-2024-25111. Affected versions are 3.5.27 up to, but not including, 6.8; the issue is an uncontrolled recursion in the HTTP Chunked decoder that can cause a remote DoS when processing crafted chunked HTTP messages. The vulnerability is fixed in Squid vers...

8.6CVSS8.3AI score0.65254EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/03/06 6:14 p.m.6 views

CVE-2024-25111 SQUID-2024:1 Denial of Service in HTTP Chunked Decoding

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

8.6CVSS8.3AI score0.65254EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.5 views

The vulnerability of Squid’s chunked decoder allows a hacker to interact directly with the server.

The vulnerability of Squid’s chunked proxy server decoder is related to the way the server interprets fragmented encoding syntax. Exploiting this vulnerability allows a remote attacker to interact directly with the server...

5.3CVSS6.9AI score0.05255EPSS
Exploits0References9Affected Software6
OpenVAS
OpenVAS
added 2023/11/22 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-6500-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.7AI score0.85944EPSS
Exploits0References2
OSV
OSV
added 2023/11/21 3:42 p.m.7 views

USN-6500-1 squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. CVE-2023-46724 Joshua...

9.3CVSS6.8AI score0.85944EPSS
Exploits0References6
Redos
Redos
added 2023/11/21 12:0 a.m.34 views

ROS-20231115-01

A vulnerability in the Squid proxy server related to the execution of a "buffer overflow" attack, writing up to 2MB of of arbitrary data to the memory heap when Squid is configured to accept HTTP Digest Authentication. Exploitation of the vulnerability could allow an attacker acting remotely to...

9.3CVSS7.7AI score0.85944EPSS
Exploits0
OSV
OSV
added 2023/11/03 8:15 a.m.6 views

AZL-31905 CVE-2023-46846 affecting package squid 5.7-5

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

5.3CVSS6.8AI score0.05255EPSS
Exploits0References1
NVD
NVD
added 2023/11/03 8:15 a.m.28 views

CVE-2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS9.1AI score0.05255EPSS
Exploits0References16
Debian CVE
Debian CVE
added 2023/11/03 7:33 a.m.53 views

CVE-2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS7.4AI score0.05255EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/10/28 1:1 a.m.3 views

SUSE CVE-2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

5.9CVSS6.9AI score0.05255EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/10/23 12:0 a.m.20 views

Squid Request/Response Smuggling Vulnerability (GHSA-j83v-w3p4-5cqh, SQUID-2023:1)

Squid is prone to a request/response smuggling vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:squid-cache:squid";...

9.3CVSS6.2AI score0.05255EPSS
Exploits0References1
Rows per page
Query Builder