Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Hacker One
Hacker Oneadded 2020/03/19 4:44 p.m.60 views

Internet Bug Bounty: Cache Poisoning

Summary: An attacker can cause Squid to return to the user attacker controlled data, for any domain. From Squid-4.7 and below both HTTPS and FTP could be poisoned. This is due to Squid URL decoding parts of the Request URL and using that to create a hash. Request that decode to the same URL will...

7.5CVSS8.6AI score0.06184EPSS
Exploits0
ALT Linux
ALT Linuxadded 2020/03/16 12:0 a.m.45 views

Security fix for the ALT Linux 9 package squid version 4.10-alt1

4.10-alt1 built March 16, 2020 Alexey Shabalin in task 247850 --- March 14, 2020 Alexey Shabalin - Updated to 4.10. - Fixes: + CVE-2019-12526 Heap Overflow issue in URN processing. + CVE-2019-12523 Multiple issues in URI processing. + CVE-2019-18676 Multiple issues in URI processing. +...

7.5CVSS0.6AI score0.46309EPSS
Exploits0
Hacker One
Hacker Oneadded 2020/01/20 9:46 p.m.37 views

Internet Bug Bounty: Squid as reverse proxy RCE and data leak

Summary: This was a very difficult experience as Squid maintainers took a long time to answer. I tried getting help from HackerOne support, Dropbox support and the Internet Bug Bounty never e-mailed me back to no avail. What could have taken a few days took months. The vulnerability concerns a...

7.6AI score
Exploits0
Rows per page
Query Builder