Search CVE reports


Toggle filters

11 – 20 of 140 results


CVE-2023-46728

Medium priority
Fixed

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Ignored Ignored
squid3 Not in release Not in release Fixed Fixed
Show less packages

CVE-2023-5824

Medium priority

Some fixes available 5 of 8

Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Ignored Ignored
squid3 Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2023-46848

Medium priority
Fixed

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Not affected Ignored Ignored
squid3 Not in release Not in release Not affected Not affected
Show less packages

CVE-2023-46847

Medium priority
Fixed

Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Ignored Ignored
squid3 Not in release Not in release Fixed Fixed
Show less packages

CVE-2023-46846

Medium priority

Some fixes available 6 of 8

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Ignored Ignored
squid3 Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2023-46724

Medium priority

Some fixes available 5 of 7

Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Not affected Ignored Ignored
squid3 Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2022-41318

Medium priority
Fixed

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Ignored
squid3 Not in release Not in release Fixed Fixed
Show less packages

CVE-2022-41317

Medium priority
Fixed

An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not affected Not affected
Show less packages

CVE-2021-46784

Medium priority

Some fixes available 9 of 10

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2021-41611

Medium priority
Not affected

An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not affected Not affected Not in release Not in release
squid3 Not in release Not in release Not affected Not affected
Show less packages