Squid@3.5.0.3 Security Vulnerabilities and Issues — Squid@3.5.0.3 CVE List

Lucene search

Squid-cacheSquid3.5.0.3

2 matches found

CVE•added 2015/05/18 3:59 p.m.•69 views

CVE-2015-3455

Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificat...

2.6CVSS7.2AI score0.05013EPSS

CVE•added 2015/11/06 9:59 p.m.•51 views

CVE-2014-9749

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."

4CVSS7.2AI score0.02832EPSS