Squid@2.7 Security Vulnerabilities and Issues — Squid@2.7 CVE List

Lucene search

Squid-cacheSquid2.7

3 matches found

CVE•added 2019/07/11 7:15 p.m.•397 views

CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking...

5.9CVSS7AI score0.18267EPSS

CVE•added 2019/11/26 5:15 p.m.•376 views

CVE-2019-18679

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information red...

7.5CVSS8.5AI score0.68491EPSS

CVE•added 2019/11/26 5:15 p.m.•345 views

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be deli...

6.1CVSS7.4AI score0.04678EPSS