SUSE SLES15 Security Update : squid (SUSE-SU-2025:03521-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03521-1 advisory. - CVE-2025-59362: fixed buffer overflow bsc1250627 - CVE-2024-37894: fixed denial of service in ESI processing bsc1227086 -...

Security update for squid

This update for squid fixes the following issues: CVE-2025-59362: fixed buffer overflow bsc1250627 CVE-2024-37894: fixed denial of service in ESI processing bsc1227086 CVE-2024-33427: fixed possible buffer overread leading to denial of service bsc1225417 Patch Instructions: To install this SUSE...

squid: Out-of-bounds write error may lead to Denial of Service

A flaw was found in Squid. An out-of-bounds write can be triggered when an Edge Side Includes ESI variable is assigned to a value not in the standard ASCII range, for example, multi-byte characters. This flaw allows a trusted server to crash Squid while processing an ESI response content, resulti...

openSUSE Security Advisory (SUSE-SU-2024:2269-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:2270-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:2268-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2268-1 advisory. - Update to version 6.10 - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086 Tenable has extracted...

SUSE-SU-2024:2270-1 Security update for squid

This update for squid fixes the following issues: - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086...

SUSE-SU-2024:2269-1 Security update for squid

This update for squid fixes the following issues: - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086...

SUSE-SU-2024:2268-1 Security update for squid

This update for squid fixes the following issues: - Update to version 6.10 - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086...

Squid DoS Vulnerability (GHSA-wgvf-q977-9xjg, SQUID-2024:3)

Squid is prone to a denial of service DoS vulnerability in ESI processing. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SUSE CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

SUSE: Security Advisory (SUSE-SU-2016:2089-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1996-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-2127)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2018:0752-1 Security update for squid3

This update for squid3 fixes the following issues: Security issues fixed: - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esiparser bsc1077003. - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien...

UBUNTU-CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)

This update for squid3 fixes the following issues : - Multiple issues in pinger ICMP processing. CVE-2014-7141, CVE-2014-7142 - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. bsc973782 - CVE-2016-4554: fix header smuggling issue in HTTP Request processing bsc979010 - fix multipl...

squid: multiple issues in ESI processing

Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...

squid: multiple issues in ESI processing

Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...

squid: multiple issues in ESI processing

Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...