Search CVE reports


Toggle filters

61 – 70 of 142 results


CVE-2018-19132

Low priority

Some fixes available 2 of 3

Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid Not in release
squid3 Fixed
Show less packages

CVE-2018-19131

Low priority
Not affected

Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid Not in release
squid3 Not affected
Show less packages

CVE-2018-1172

Low priority
Ignored

This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3 Not affected
Show less packages

CVE-2018-1000027

Low priority
Fixed

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3 Fixed
Show less packages

CVE-2018-1000024

Low priority
Fixed

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3 Fixed
Show less packages

CVE-2016-5408

Medium priority
Not affected

Stack-based buffer overflow in the munge_other_line function in cachemgr.cgi in the squid package before 3.1.23-16.el6_8.6 in Red Hat Enterprise Linux 6 allows remote attackers to execute arbitrary code via unspecified vectors. ...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2016-4556

Medium priority
Fixed

Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2016-4555

Medium priority
Fixed

client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2016-4554

Medium priority
Fixed

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2016-4553

Medium priority
Fixed

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages