CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2023/12/12 12:0 a.m.•37 views

Ubuntu: Security Advisory (USN-6500-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu•added 2023/12/11 11:40 a.m.•63 views

USN-6500-2: Squid vulnerabilities

USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to...

8.6CVSS7.3AI score0.38209EPSS

RedHat Linux•added 2023/11/29 2:3 p.m.•22 views

Critical: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RedHat Linux•added 2023/11/29 1:51 p.m.•23 views

Critical: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Tenable Nessus•added 2023/11/29 12:0 a.m.•16 views

RHEL 7 : squid (RHSA-2023:7576)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7576 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of...

Veracode•added 2023/11/23 11:24 a.m.•24 views

Exploits0References5

Denial Of Service (DoS)

libsquid.so is vulnerable to Denial of Service DoS. The vulnerability occurs when an attacker sends a specially crafted HTTP Digest authentication request to a vulnerable Squid server. The request can cause the server to consume excessive CPU resources, leading to a DoS condition...

Exploits0References23Affected Software1

Oracle linux•added 2023/11/22 12:0 a.m.•41 views

squid:4 security update

libecap squid 7:4.15-7.1 - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP...

9.3CVSS7.6AI score0.38209EPSS

OpenVAS•added 2023/11/22 12:0 a.m.•21 views

Ubuntu: Security Advisory (USN-6500-1)

9.3CVSS6.7AI score0.38209EPSS

Ubuntu•added 2023/11/21 3:42 p.m.•76 views

USN-6500-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. CVE-2023-46724 Joshua...

9.3CVSS6.9AI score0.38209EPSS

OSV•added 2023/11/16 6:59 p.m.•2 views

CLSA-2023-1700161185 Fix CVE(s): CVE-2023-46847

SECURITY UPDATE: denial of service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847...

8.6CVSS7.3AI score0.38209EPSS

Exploits0References1

OSV•added 2023/11/16 6:50 p.m.•2 views

CLSA-2023-1700160647 Fix CVE(s): CVE-2023-46847

SECURITY UPDATE: Denial of Service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847...

8.6CVSS7.3AI score0.38209EPSS

Exploits0References1

AlmaLinux•added 2023/11/14 12:0 a.m.•47 views

Critical: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 For more details about the...

9.3CVSS7.3AI score0.38209EPSS

Exploits0References6

RedHat Linux•added 2023/11/13 8:57 a.m.•51 views

Critical: Red Hat Security Advisory: squid34 security update

An update for squid34 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Tenable Nessus•added 2023/11/13 12:0 a.m.•30 views

RHEL 6 : squid (RHSA-2023:6884)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6884 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of...

Tenable Nessus•added 2023/11/13 12:0 a.m.•27 views

Exploits0References5

RHEL 6 : squid34 (RHSA-2023:6882)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6882 advisory. The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data...