Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-12527 6.8
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leadin
28-02-2023 - 20:49 11-07-2019 - 19:15
CVE-2019-12529 4.3
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be
26-04-2022 - 20:22 11-07-2019 - 19:15
CVE-2019-12525 7.5
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if t
26-04-2022 - 20:18 11-07-2019 - 19:15
CVE-2019-12854 5.0
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clien
01-01-2022 - 20:18 15-08-2019 - 17:15
CVE-2019-13345 4.3
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
11-07-2020 - 00:15 05-07-2019 - 16:15
CVE-2019-3688 6.6
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an att
21-11-2019 - 19:15 07-10-2019 - 14:15
Back to Top Mark selected
Back to Top