| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-8450 | 7.5 |
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
|
21-07-2021 - 11:39 | 04-02-2020 - 20:15 | |
| CVE-2020-11945 | 7.5 |
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s
|
17-03-2021 - 12:40 | 23-04-2020 - 15:15 | |
| CVE-2019-13345 | 4.3 |
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
|
11-07-2020 - 00:15 | 05-07-2019 - 16:15 | |
| CVE-2016-3948 | 5.0 |
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
|
16-03-2018 - 01:29 | 07-04-2016 - 18:59 | |
| CVE-2016-10002 | 5.0 |
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack req
|
05-01-2018 - 02:30 | 27-01-2017 - 17:59 |