Squid Security Vulnerabilities and Issues — Squid CVE List

Lucene search

Squid-cacheSquid

10 matches found

CVE•added 2021/03/19 5:15 a.m.•514 views

CVE-2020-25097

An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.

8.6CVSS8.4AI score0.01799EPSS

CVE•added 2021/05/27 12:15 p.m.•464 views

CVE-2021-28651

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a l...

7.5CVSS7.3AI score0.03713EPSS

CVE•added 2021/05/27 12:15 p.m.•333 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query...

4.9CVSS5.9AI score0.00304EPSS

CVE•added 2021/06/08 8:15 p.m.•320 views

CVE-2021-31807

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious inte...

6.5CVSS6.8AI score0.3759EPSS

CVE•added 2021/05/27 1:15 p.m.•297 views

CVE-2021-31806

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.

6.5CVSS6.7AI score0.6754EPSS

CVE•added 2021/05/27 12:15 p.m.•288 views

CVE-2021-28662

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.

6.5CVSS6.7AI score0.08921EPSS

CVE•added 2021/03/09 10:15 p.m.•285 views

CVE-2021-28116

Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.

5.3CVSS5.8AI score0.04628EPSS

CVE•added 2021/05/28 12:15 p.m.•251 views

CVE-2021-33620

Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.

6.5CVSS6.5AI score0.03253EPSS

CVE•added 2021/05/27 2:15 p.m.•242 views

CVE-2021-31808

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

6.5CVSS6.6AI score0.0027EPSS

CVE•added 2021/10/18 9:15 a.m.•113 views

CVE-2021-41611

An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indication of trust may be passed...

7.5CVSS7.2AI score0.02164EPSS