Lucene search
+L

447 matches found

osv
osv
added 2024/03/06 6:14 p.m.6 views

CVE-2024-25111 SQUID-2024:1 Denial of Service in HTTP Chunked Decoding

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...

8.6CVSS8.3AI score0.65254EPSS
Exploits0References8
redhat
redhat
added 2024/03/05 6:4 p.m.9 views

squid: NULL pointer dereference in the gopher protocol code

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid. This issue may lead to a remote denial ...

7.5CVSS5.8AI score0.05955EPSS
Exploits0References6
redhat
redhat
added 2024/03/05 8:20 a.m.41 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.6CVSS7.2AI score0.57627EPSS
Exploits0References2
cvelist
cvelist
added 2024/02/14 8:55 p.m.42 views

CVE-2024-25617 Denial of Service in HTTP Header parser in squid proxy

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote client or a remote server to perform Denial of...

5.3CVSS6.9AI score0.88864EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2024/02/14 12:0 a.m.5 views

The vulnerability of the Squid proxy server, related to pointer dereferencing errors, allows a hacker to cause a service failure.

The vulnerability of the Squid proxy server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8CVSS7.2AI score0.05955EPSS
Exploits0References15Affected Software15
redhat
redhat
added 2024/02/12 8:44 a.m.40 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.4AI score0.88818EPSS
Exploits1References7
redhat
redhat
added 2024/02/12 8:40 a.m.58 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this...

9.8CVSS7.4AI score0.88818EPSS
Exploits1References7
bdu_fstec
bdu_fstec
added 2024/02/02 12:0 a.m.5 views

The vulnerability of the Squid proxy server, related to the swapping of a pointer to a expired value, allows a hacker to trigger a service failure.

The vulnerability of the Squid proxy server is related to the assignment of a pointer to a deactivated resource. Exploiting this vulnerability allows an attacker who operates remotely to cause service interruptions...

6.8CVSS6.7AI score0.6005EPSS
Exploits1References12Affected Software4
nessus
nessus
added 2024/01/26 12:0 a.m.49 views

RHEL 8 : squid:4 (RHSA-2024:0397)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0397 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: DoS against...

9.8CVSS8.1AI score0.88818EPSS
Exploits1References15
redhat
redhat
added 2024/01/24 12:28 p.m.46 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.4AI score0.88818EPSS
Exploits1References7
nvd
nvd
added 2024/01/24 12:15 a.m.20 views

CVE-2024-23638

Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client...

6.5CVSS7.2AI score0.6005EPSS
Exploits1References9
centos
centos
added 2024/01/12 7:20 p.m.65 views

squid security update

CentOS Errata and Security Advisory CESA-2023:6805 An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.6CVSS7.2AI score0.85944EPSS
Exploits0References7
amazon
amazon
added 2024/01/08 12:0 a.m.4 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...

8.6CVSS6.9AI score0.57627EPSS
Exploits0
redhat
redhat
added 2024/01/03 9:13 p.m.4 views

squid: Denial of Service in SSL Certificate validation

A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using --with-openssl is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by...

8.6CVSS5.8AI score0.04012EPSS
Exploits0References8
redhat
redhat
added 2024/01/03 9:13 p.m.41 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS7.2AI score0.88818EPSS
Exploits0References5
osv
osv
added 2024/01/03 12:0 a.m.32 views

ALSA-2024:0046 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid: Buffer over-read...

8.6CVSS8.4AI score0.88818EPSS
Exploits0References10
fedora
fedora
added 2023/12/29 1:5 a.m.54 views

[SECURITY] Fedora 38 Update: squid-6.6-1.fc38

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

8.6CVSS7.7AI score0.88818EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2023/12/22 12:0 a.m.5 views

The vulnerability of the Collapsed Forwarding Handler component in the Squid proxy server allows a hacker to induce a service failure.

The vulnerability of the Collapsed Forwarding Handler component in the Squid proxy server is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8CVSS7.2AI score0.04777EPSS
Exploits0References5Affected Software3
bdu_fstec
bdu_fstec
added 2023/12/19 12:0 a.m.5 views

The vulnerability of the follow_x_forwarded_for() function in the Squid proxy server allows a hacker to trigger a service failure.

The vulnerability of the followxforwardedfor function in the Squid proxy server is related to an uncontrolled recursion during the processing of X-Forwarded-For HTTP requests. Exploiting this vulnerability could allow a remote attacker to cause service failures...

8.6CVSS7.4AI score0.57627EPSS
Exploits0References12Affected Software5
osv
osv
added 2023/12/14 6:15 p.m.3 views

UBUNTU-CVE-2023-50269

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

8.6CVSS7.2AI score0.57627EPSS
Exploits0References5
Rows per page
Query Builder