109 matches found
CVE-2025-59362
CVE-2025-59362 affects Squid up to version 7.1, due to mishandling of ASN.1 encoding of long SNMP OIDs in asn_build_objid (lib/snmplib/asn1.c). The issue is triggered by the ASN.1 encoding path and is described across multiple advisories/documentation in Connected documents. Impact according to t...
CVE-2005-0211
CVE-2005-0211 describes a buffer overflow in Squid’s WCCP handling: the wccp.c recvfrom path in Squid 2.5 before 2.5.STABLE7 processes an oversized WCCP packet due to an incorrect length parameter, enabling remote attackers to cause a denial of service and possibly execute arbitrary code. Affecte...
CVE-2010-3072
CVE-2010-3072 affects Squid 3.x: string comparisons in String.cci on 3.1.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to trigger a NULL pointer dereference, causing a daemon crash (DoS). Concrete variants observed in advisories include upgrades to Squid 3.1.10 (and related patch...
CVE-2010-2951
CVE-2010-2951 affects Squid 3.1.6; the issue resides in dns_internal.cc when IPv6 DNS resolution is disabled, where an IPv4 TCP DNS query can trigger an invalid socket, enabling remote denial-of-service through IPv4 DNS responses with the TC bit set. Public references describe patches and vendor ...
CVE-2014-9749
CVE-2014-9749 affects Squid 3.4.4–3.4.11 and 3.5.0.1–3.5.1. The issue is a nonce replay vulnerability in Digest authentication that lets remote authenticated users retain access by reusing a stale nonce. Public details across connected sources (SUSE/OpenVAS/Nessus references) confirm the affected...
CVE-2012-2213
CVE-2012-2213 affects Squid 3.1.9. The issue allows remote attackers to bypass access control for the CONNECT method by supplying an arbitrary hostname in the Host HTTP header, enabling potential access to blocked sites via SSL. The core cause is host header-based ACL evaluation in the CONNECT ha...
CVE-2026-32748
CVE-2026-32748 affects Squid, a web caching proxy. The issue is a heap Use-After-Free in ICP handling, allowing a remote attacker to cause Denial of Service when ICP is enabled (icp_port configured). The attack is remote, requires ICP support, and cannot be mitigated by icp_access rules. A fix is...
CVE-2026-33526
Summary (CVE-2026-33526): Squid before version 7.5 is vulnerable to a Denial of Service via a heap Use-After-Free in ICP traffic handling. The attack requires an ICP-enabled deployment (non-zero icp_port) and remote elicitation, and is described as reliable and repeatable for causing service disr...
CVE-2026-33515
Squid (web caching proxy) is affected by CVE-2026-33515 due to improper input validation in ICP message handling, leading to an out-of-bounds read that may disclose memory contents when responding to invalid ICP requests. The issue is limited to deployments with ICP enabled (icp_port non-zero) an...