Search CVE reports


Toggle filters

51 – 60 of 140 results


CVE-2019-12526

Medium priority
Fixed

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Not in release Not in release
squid3 Not in release Fixed Fixed
Show less packages

CVE-2019-12523

Medium priority
Fixed

An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Not in release Not in release
squid3 Not in release Fixed Fixed
Show less packages

CVE-2019-3688

Medium priority
Not affected

The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions....

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Not affected Not affected
Show less packages

CVE-2019-12854

Low priority
Fixed

Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Not affected Not affected
Show less packages

CVE-2019-12529

Medium priority

Some fixes available 3 of 4

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Fixed Fixed
Show less packages

CVE-2019-12527

Medium priority

Some fixes available 1 of 2

An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Not affected Not affected
Show less packages

CVE-2019-12525

Medium priority

Some fixes available 3 of 4

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Fixed Fixed
Show less packages

CVE-2019-13345

Medium priority

Some fixes available 3 of 4

The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Fixed Fixed
Show less packages

CVE-2018-19131

Low priority
Not affected

Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Not affected Not affected
Show less packages

CVE-2018-19132

Low priority

Some fixes available 2 of 3

Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Not in release Not in release
squid3 Fixed Fixed
Show less packages