
9 matches found

RedhatCVE
added 2020/08/26 10:9 a.m. | 58 views

CVE-2020-24606

A flaw was found in squid. A denial of service attack is possible due to an improper input validation. The highest threat from this vulnerability is to system availability. Mitigation: Add the no-digest option to all cache_peer lines in squid.conf...

CVSS 7.5 | AI score 2.3 | EPSS 0.06342
Exploits: 0 | References: 4
OSV
added 2020/08/24 6:15 p.m. | 1 views

DEBIAN-CVE-2020-24606

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because...

CVSS 7.5 | AI score 6.9 | EPSS 0.06342
Exploits: 0 | References: 1
NVD
added 2020/08/24 6:15 p.m. | 13 views

CVE-2020-24606

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because...

CVSS 8.6 | AI score 8.3 | EPSS 0.06342
Exploits: 0 | References: 14
CVE
added 2020/08/24 5:6 p.m. | 476 views

CVE-2020-24606

Squid vulnerability CVE-2020-24606 affects Squid 4.13 and 5.x prior to 5.0.4, where a trusted peer can cause a Denial of Service by exhausting CPU cycles while handling a crafted Cache Digest response. Root cause: peerDigestHandleReply() livelock due to EOF mishandling in peer_digest.cc. Impact i...

CVSS 8.6 | AI score 7.3 | EPSS 0.06342
Exploits: 0 | References: 14 | Affected Software: 1
OpenVAS
added 2015/10/28 12:0 a.m. | 48 views

Squid 'cache_peer' Security Bypass Vulnerability (SQUID-2015:2)

Squid is prone to an access bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:squid-cache:squid"; ifdescripti...

CVSS 6.8 | AI score 7.2 | EPSS 0.24696
Exploits: 1 | References: 3
OSV
added 2015/09/28 8:59 p.m. | 0 views

UBUNTU-CVE-2015-5400

Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request...

CVSS 6.8 | AI score 7 | EPSS 0.24696
Exploits: 1 | References: 4
CVE
added 2015/09/28 8:0 p.m. | 77 views

CVE-2015-5400

CVE-2015-5400 affects Squid proxy: Squid versions prior to 3.5.6 fail to properly handle CONNECT method peer responses when configured with cache_peer, allowing remote attackers to bypass access restrictions and access a backend proxy via a CONNECT request. The issue’s root cause is improper hand...

CVSS 6.8 | AI score 6.9 | EPSS 0.24696
Exploits: 1 | References: 15 | Affected Software: 1
Tenable Nessus
added 2015/08/04 12:0 a.m. | 25 views

Debian DSA-3327-1 : squid3 - security update

Alex Rousskov of The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not correctly handle CONNECT method peer responses when configured with cache_peer and operating on explicit proxy traffic. This could allow remote clients to gain unrestricted access through a...

CVSS 6.8 | AI score 7.2 | EPSS 0.24696
Exploits: 1 | References: 5
OSV
added 2015/07/30 12:0 a.m. | 25 views

DLA-286-1 squid3 - security update

Bulletin has no description...

CVSS 6.8 | AI score 7.2 | EPSS 0.24696
Exploits: 1