logo
DATABASE RESOURCES PRICING ABOUT US

Squid vulnerabilities

Description

Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. (CVE-2019-12520) Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks. (CVE-2019-12523) Jeriko One discovered that Squid incorrectly handled URL decoding. A remote attacker could possibly use this issue to bypass certain rule checks. (CVE-2019-12524) Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled input validation. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2019-18676)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 18.04 squid 3.5.27-1ubuntu1.7
Ubuntu 18.04 squid-cgi 3.5.27-1ubuntu1.7
Ubuntu 18.04 squid-common 3.5.27-1ubuntu1.7
Ubuntu 18.04 squid-dbg 3.5.27-1ubuntu1.7
Ubuntu 18.04 squid-purge 3.5.27-1ubuntu1.7
Ubuntu 18.04 squid3 3.5.27-1ubuntu1.7
Ubuntu 18.04 squidclient 3.5.27-1ubuntu1.7
Ubuntu 16.04 squid 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-cgi 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-cgi-dbgsym 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-common 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-dbg 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-dbgsym 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-purge 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid-purge-dbgsym 3.5.12-1ubuntu7.12
Ubuntu 16.04 squid3 3.5.12-1ubuntu7.12
Ubuntu 16.04 squidclient 3.5.12-1ubuntu7.12
Ubuntu 16.04 squidclient-dbgsym 3.5.12-1ubuntu7.12

Related