Lucene search
K

6120 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URNs due to incorrect buffer management. This issue has been fixed in version 6.4. To address this problem, disable URN access...

9.8CVSS8.4AI score0.22744EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. Due to an out-of-bounds write vulnerability when assigning ESI variables, Squid is susceptible to a memory corruption error. This error can lead to a denial-of-service attack...

6.3CVSS6.6AI score0.06255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Squid

A buffer overflow was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers were vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations were sent to a...

8.6CVSS7.8AI score0.0282EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid 4.9 through 4.17, and also in versions 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, sensitive information about clients using the proxy may be exposed through an HTTPS request to an internal cache manager URL. This issue has been fixed in versi...

6.5CVSS6.7AI score0.0169EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy through HTTP Range request processing...

6.5CVSS7AI score0.95785EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. An integer overflow problem allows a remote server to cause a Denial of Service when delivering responses to HTTP Range requests. The issue is triggered by a header that is expected to exist in HTTP traffic, withou...

6.5CVSS7AI score0.15972EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy. A client sends an HTTP Range request to trigger this vulnerability...

6.5CVSS6.9AI score0.05492EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the Web. Due to an uncontrolled recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack involving HTTP request parsing. This issue allows a remote client to carr...

8.6CVSS7.4AI score0.57627EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Squid

Squid is vulnerable to a Denial of Service attack, where a remote attacker can carry out a buffer overflow attack by writing up to 2 MB of arbitrary data into heap memory when Squid is configured to accept HTTP Digest Authentication...

8.6CVSS8.2AI score0.85944EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Squid

SQUID is vulnerable to HTTP request smuggling, which is caused by the laxity of the chunked decoder. This allows a remote attacker to perform Request/Response smuggling beyond the firewall and frontend security systems...

9.3CVSS7.2AI score0.05255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...

7.5CVSS7.4AI score0.05955EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Squid

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, a Denial of Service can occur due to improper buffer management when processing long Gopher server responses...

6.5CVSS6.9AI score0.0362EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Squid

In versions 4.14 and 5.x through 5.0.5, in some configurations, the Squid vulnerability allows information disclosure due to an out-of-bounds read in the WCCP protocol data. This vulnerability can be exploited as part of a chain for remote code execution, as there is no one to protect it...

5.3CVSS6.8AI score0.13005EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid 4.x before 4.15, and in 5.x before 5.0.6. If a remote server sends a certain response header via HTTP or HTTPS, it can lead to a denial of service. This header can potentially appear in legitimate network traffic...

6.5CVSS6.9AI score0.71867EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.12 views

Oracle Linux 7 : squid (ELSA-2026-8880)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8880 advisory. - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via -...

10CVSS7.4AI score0.6332EPSS
Exploits2References3
Oracle linux
Oracle linux
added 2026/05/19 12:0 a.m.18 views

squid security update

7:3.5.20-17.0.11.13 - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 7:3.5.20-17.0.9.13 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via - authentication credential leakage in error handling Orabug: 38587551 7:3.5.20-17.0.7.13 - Fixes CVE-2025-5457...

9.2CVSS5.8AI score0.6332EPSS
Exploits2
Schneier on Security
Schneier on Security
added 2026/05/16 1:3 a.m.17 views

Friday Squid Blogging: Bigfin Squid

Article about the bigfin squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/08 9:3 p.m.11 views

Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.7AI score
Exploits0
OSV
OSV
added 2026/05/08 9:1 p.m.7 views

CLSA-2026-1778252773 squid: Fix of CVE-2022-41317

CVE-2022-41317: fix exposure of sensitive cache manager information via non-HTTP URI schemes due to typo in default manager ACL regex...

6.5CVSS6.6AI score0.0169EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.9 views

TencentOS Server 2: squid (TSSA-2026:0280)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0280 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

9.2CVSS5.9AI score0.08942EPSS
Exploits0References3
Rows per page
Query Builder