Squid security vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in versions prior to Squid 6.5 that originates from allowing remote clients or remote...

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Malicious code in noblox.js-proxy-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2b3d7766d2ada5a6d17ae9ae430365649d4034341202ba6fc6a07a0ab6a553fb The OpenSSF Package Analysis project identified 'noblox.js-proxy-server' @ 4.15.1 npm as malicious. It is considered malicious because: - The...

MAL-2024-130 Malicious code in noblox.js-proxy-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2b3d7766d2ada5a6d17ae9ae430365649d4034341202ba6fc6a07a0ab6a553fb The OpenSSF Package Analysis project identified 'noblox.js-proxy-server' @ 4.15.1 npm as malicious. It is considered malicious because: - The...

CVE-2023-51701 @fastify-reply-from JSON Content-Type parsing confusion

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body by passing an header ContentType: application/json ; charset=utf-8. This can lead to bypass of security checks...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2024:0071 Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid: Buffer over-read...

GHSA-C9V7-WMWJ-VF6X Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access

Withdrawn Advisory This advisory has been withdrawn because the vulnerability affects a binary, not a library in a supported ecosystem. Therefore, users of the library should not receive alerts. This link is maintained to preserve external references. Original Description Impact An attacker that...

Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access

Withdrawn Advisory This advisory has been withdrawn because the vulnerability affects a binary, not a library in a supported ecosystem. Therefore, users of the library should not receive alerts. This link is maintained to preserve external references. Original Description Impact An attacker that...

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2024:0046 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid: Buffer over-read...

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid: Buffer over-read...

Apache 2.4.55 mod_proxy HTTP Request Smuggling

Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

OESA-2023-1983 rubygem-puma security update

A simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Security Fixes: Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using puma with a proxy which forwards HTTP header values which contain the LF character could allow...

RLSA-2023:7668 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS against HTTP and HTTPS CVE-2023-5824 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS against HTTP and HTTPS CVE-2023-5824 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

Exploit for HTTP Request Smuggling in Apache Http_Server

CVE-2023-25690 Mô tả CVE-2023-25690: - Một vài cấu hình mod...

Squid security vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid versions prior to 6.5, which stems from incorrect error checking of function...

Critical: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

squid:4 security update

An update is available for module.libecap, module.squid, squid, libecap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy cachin...