86 matches found

OSV
added 2024/04/08 9:28 a.m. | 6 views

SUSE-SU-2024:1131-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues:
- CVE-2024-25126: Fixed a denial-of-service vulnerability in Rack Content-Type parsing (bsc#1220239).
- CVE-2024-26141: Fixed a denial-of-service vulnerability in Range request header parsing (bsc#1220242).
- CVE-2024-26146: Fixed a...

CVSS 7.5 | AI score 6.9 | EPSS 0.35376
Exploits: 2 | References: 7

OSV
added 2024/03/20 9:27 a.m. | 7 views

SUSE-SU-2024:0946-1 Security update for rubygem-rack-1_4

This update for rubygem-rack-1_4 fixes the following issues:
- CVE-2024-25126: Fixed a Denial of Service Vulnerability in Rack Content-Type Parsing (bsc#1220239)
- CVE-2024-26141: Fixed a Denial of Service Vulnerability in Range request header parsing (bsc#1220242)
- CVE-2024-26146: Fixed a Denial of...

CVSS 7.5 | AI score 7.6 | EPSS 0.35376
Exploits: 2 | References: 7

Tenable Nessus
added 2023/09/27 12:00 a.m. | 30 views

Amazon Linux 2 : squid (ALASSQUID4-2023-004)

The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-004 advisory. Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an...

CVSS 7.5 | AI score 6.6 | EPSS 0.95785
Exploits: 5 | References: 18

OSV
added 2023/06/07 4:26 p.m. | 12 views

GHSA-VJ2M-9F5J-MPR5 Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware

Vapor is an HTTP web framework for Swift and middleware is a logic chain between the client and a Vapor route handler. FileMiddleware enables the serving of assets from the Public folder of a project to the client. Vapor before 4.60.3 is vulnerable to denial of service due to an integer overflow...

CVSS 7.5 | AI score 7.5 | EPSS 0.0189
Exploits: 1 | References: 5

GitLab Advisory Database
added 2023/06/07 12:00 a.m. | 14 views

Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware

Vapor is an HTTP web framework for Swift and middleware is a logic chain between the client and a Vapor route handler. FileMiddleware enables the serving of assets from the Public folder of a project to the client. Vapor before 4.60.3 is vulnerable to denial of service due to an integer overflow...

CVSS 7.5 | AI score 6.9 | EPSS 0.0189
Exploits: 1 | References: 6 | Affected Software: 1

Tenable Nessus
added 2023/02/23 12:00 a.m. | 36 views

Amazon Linux AMI : squid (ALAS-2023-1687)

The version of squid installed on the remote host is prior to 3.5.20-17.44. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1687 advisory. An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of...

CVSS 7.5 | AI score 6.7 | EPSS 0.95785
Exploits: 5 | References: 16

Tenable Nessus
added 2023/02/22 12:00 a.m. | 116 views

Amazon Linux 2 : squid (ALAS-2023-1950)

The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1950 advisory. An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of...

CVSS 7.5 | AI score 6.7 | EPSS 0.95785
Exploits: 5 | References: 16

SUSE CVE
added 2023/02/15 5:40 a.m. | 1 view

SUSE CVE-2013-1736

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via...

CVSS 10 | AI score 9.2 | EPSS 0.05391
Exploits: 0 | References: 6

SUSE CVE
added 2023/02/15 5:32 a.m. | 1 view

SUSE CVE-2014-0128

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...

CVSS 5 | AI score 6.7 | EPSS 0.3263
Exploits: 1 | References: 6

SUSE CVE
added 2023/02/15 3:41 a.m. | 3 views

SUSE CVE-2021-31808

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack against all clients using the proxy. A client sends an HTTP Range request to trigger this...

CVSS 6.5 | AI score 9.2 | EPSS 0.05492
Exploits: 1 | References: 5

Cvelist
added 2022/05/31 7:35 p.m. | 53 views

CVE-2022-31005 Integer Overflow in Vapor's HTTP Range Request

Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a...

CVSS 7.5 | AI score 7.8 | EPSS 0.0189
Exploits: 1 | References: 3

Tenable Nessus
added 2021/11/17 12:00 a.m. | 35 views

Oracle Linux 8 : squid:4 (ELSA-2021-4292)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4292 advisory. libecap squid 7:4.15-1 - new version 4.15 - Resolves: 1964384 - squid:4 rebase to 4.15 7:4.11-5 - Resolves: 1944261 - CVE-2020-25097 squid:4/squid:...

CVSS 8.6 | AI score 6.7 | EPSS 0.95785
Exploits: 5 | References: 8

Tenable Nessus
added 2021/10/25 12:00 a.m. | 50 views

EulerOS 2.0 SP3 : squid (EulerOS-SA-2021-2618)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving ...

CVSS 7.5 | AI score 7.2 | EPSS 0.95785
Exploits: 4 | References: 6

Tenable Nessus
added 2021/09/27 12:00 a.m. | 78 views

EulerOS 2.0 SP5 : squid (EulerOS-SA-2021-2519)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a...

CVSS 7.5 | AI score 6.7 | EPSS 0.95785
Exploits: 5 | References: 8

OpenVAS
added 2021/09/15 12:00 a.m. | 26 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2021-2433)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.6 | AI score 7.4 | EPSS 0.95785
Exploits: 4 | References: 2

Tenable Nessus
added 2021/09/14 12:00 a.m. | 24 views

EulerOS 2.0 SP2 : squid (EulerOS-SA-2021-2433)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default...

CVSS 8.6 | AI score 7.3 | EPSS 0.95785
Exploits: 4 | References: 8

Tenable Nessus
added 2021/08/10 12:00 a.m. | 29 views

EulerOS 2.0 SP8 : squid (EulerOS-SA-2021-2317)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack agains...

CVSS 7.5 | AI score 6.7 | EPSS 0.95785
Exploits: 5 | References: 8

Tenable Nessus
added 2021/06/15 12:00 a.m. | 24 views

Debian DLA-2685-1 : squid3 security update

Several vulnerabilities were discovered in Squid, a proxy caching server. CVE-2021-28651 Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology tha...

CVSS 7.5 | AI score 6.8 | EPSS 0.95785
Exploits: 5 | References: 9

NVD
added 2021/06/08 8:15 p.m. | 18 views

CVE-2021-31807

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious...

CVSS 6.5 | EPSS 0.15972
Exploits: 2 | References: 8

Tenable Nessus
added 2021/06/03 12:00 a.m. | 27 views

Ubuntu 18.04 LTS / 20.04 LTS : Squid vulnerabilities (USN-4981-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4981-1 advisory. Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cau...

CVSS 7.5 | AI score 6.7 | EPSS 0.95785
Exploits: 5 | References: 8