Lucene search
K

176 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.62 views

CentOS 8 : squid:4 (CESA-2024:0046)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0046 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...

8.6CVSS7.3AI score0.88818EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/08 8:23 a.m.6 views

squid-cache: Squid Buffer Overflow

A heap-based buffer overflow flaw was found in the Squid caching proxy. When processing the Uniform Resource Name URNs, specific conditions can lead to remote code execution...

9.8CVSS6.3AI score0.22744EPSS
Exploits1References7
CVE
CVE
added 2023/12/14 5:9 p.m.214 views

CVE-2023-50269

CVE-2023-50269 affects Squid, a web proxy/cache. The vulnerability is an Uncontrolled Recursion leading to a Denial of Service when a remote client sends a large X-Forwarded-For header with follow_x_forwarded_for enabled. Impact is DoS on HTTP request parsing; no confidentiality/integrity impact ...

8.6CVSS7.8AI score0.57627EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/12/13 12:0 a.m.49 views

SUSE SLES12 Security Update : squid (SUSE-SU-2023:4724-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4724-1 advisory. - CVE-2023-49285: Fixed buffer over read bug on HTTP Message processing flow bsc1217813 - CVE-2023-49286: Fixed Denial of Service...

8.6CVSS7.4AI score0.88818EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/12/13 12:0 a.m.34 views

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2023:4698-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4698-1 advisory. - CVE-2023-49285: Fixed buffer over read bug on HTTP Message processing flow bsc1217813 - CVE-2023-49286: Fixed Denia...

8.6CVSS7.4AI score0.88818EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/12/06 10:2 a.m.3 views

squid-cache: Squid Buffer Overflow

A heap-based buffer overflow flaw was found in the Squid caching proxy. When processing the Uniform Resource Name URNs, specific conditions can lead to remote code execution...

9.8CVSS6.3AI score0.22744EPSS
Exploits1References7
NVD
NVD
added 2023/12/04 11:15 p.m.25 views

CVE-2023-49285

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds fo...

8.6CVSS0.88818EPSS
Exploits0References9
NVD
NVD
added 2023/12/04 11:15 p.m.25 views

CVE-2023-49286

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There a...

8.6CVSS0.10352EPSS
Exploits0References7
Prion
Prion
added 2023/12/04 11:15 p.m.33 views

Design/Logic Flaw

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There a...

5CVSS6.7AI score0.10352EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2023/12/04 11:15 p.m.35 views

CVE-2023-49286

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There a...

8.6CVSS7.1AI score0.10352EPSS
Exploits0References5
Prion
Prion
added 2023/12/04 11:15 p.m.38 views

Design/Logic Flaw

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

5CVSS6.9AI score0.04777EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/12/04 10:56 p.m.25 views

CVE-2023-49285 Denial of Service in HTTP Message Processing in Squid

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds fo...

8.6CVSS7.9AI score0.88818EPSS
Exploits0References11
CVE
CVE
added 2023/12/04 10:56 p.m.195 views

CVE-2023-49285

Summary: CVE-2023-49285 affects Squid, a web caching proxy. A buffer overread in HTTP Message processing can lead to Denial of Service. Public details describe this as fixed in Squid version 6.5 ; upgrade is advised. The primary sources note no user interaction and network-based attack potential,...

8.6CVSS7.8AI score0.88818EPSS
Exploits0References9Affected Software1
AlpineLinux
AlpineLinux
added 2023/12/04 10:49 p.m.25 views

CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

8.6CVSS7AI score0.04777EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.30 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

8.6CVSS8.2AI score0.04012EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/11/07 2:37 p.m.55 views

CVE-2023-46728

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid. This issue may lead to a remote denial ...

7.5CVSS7.7AI score0.05955EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.19 views

Fedora 39 : python-flask (2023-ebc3be7db1)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ebc3be7db1 advisory. Automatic update for python-flask-2.2.5-1.fc39. Changelog Tue May 9 2023 Frantisek Zatloukal - 2.2.5-1 - Update to 2.2.5 fixes RHBZ2196644 Tenable has...

7.5CVSS7.7AI score0.01261EPSS
Exploits1References2
NVD
NVD
added 2023/11/06 6:15 p.m.29 views

CVE-2023-46728

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggeri...

7.5CVSS7.8AI score0.05955EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/11/06 6:15 p.m.34 views

CVE-2023-46728

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggeri...

7.5CVSS6.9AI score0.05955EPSS
Exploits0References5
Prion
Prion
added 2023/11/06 6:15 p.m.26 views

Null pointer dereference

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggeri...

5CVSS6.9AI score0.05955EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder