The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Squid

Squid cache: integer overflow via the HTTP Digest authentication
An attacker can trigger an integer overflow via the HTTP Digest authentication in Squid cache, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-239, CVE-2020-11945, DLA-2278-1, DSA-4682-1, FEDORA-2020-56e809930e, FEDORA-2020-848065cc4c, FEDORA-2020-a6a921a591, openSUSE-SU-2020:0623-1, RHSA-2020:2038-01, RHSA-2020:2039-01, RHSA-2020:2040-01, RHSA-2020:2041-01, SQUID-2019:12, SQUID-2020:4, SUSE-SU-2020:1134-1, SUSE-SU-2020:1156-1, SUSE-SU-2020:1227-1, USN-4356-1, VIGILANCE-VUL-32088
Squid cache: buffer overflow via ESI
An attacker can trigger a buffer overflow via ESI of Squid cache, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-239, CVE-2019-12519, CVE-2019-12521, DLA-2278-1, DSA-4682-1, openSUSE-SU-2020:0623-1, RHSA-2020:2038-01, RHSA-2020:2039-01, RHSA-2020:2040-01, RHSA-2020:2041-01, SQUID-2019:12, SQUID-2020:4, SUSE-SU-2020:1134-1, SUSE-SU-2020:1156-1, SUSE-SU-2020:1227-1, USN-4356-1, VIGILANCE-VUL-32087
Squid: two vulnerabilities via Cache Manager
An attacker can use several vulnerabilities via Cache Manager of Squid...
CVE-2019-12520, CVE-2019-12524, DLA-2278-1, DSA-4682-1, openSUSE-SU-2019:2540-1, openSUSE-SU-2019:2541-1, SQUID-2019:4, SUSE-SU-2019:2975-1, SUSE-SU-2020:1227-1, USN-4446-1, VIGILANCE-VUL-32071
Squid cache: Cross Site Scripting via Hostname cachemgr.cgi
An attacker can trigger a Cross Site Scripting via Hostname cachemgr.cgi of Squid cache, in order to run JavaScript code in the context of the web site...
CVE-2019-18860, DLA-2278-1, DSA-4732-1, FEDORA-2019-9538783033, openSUSE-SU-2019:2540-1, openSUSE-SU-2019:2541-1, openSUSE-SU-2020:0623-1, SUSE-SU-2019:2975-1, SUSE-SU-2019:3067-1, SUSE-SU-2020:1134-1, SUSE-SU-2020:1156-1, SUSE-SU-2020:1803-1, USN-4356-1, VIGILANCE-VUL-31857
Squid cache: memory corruption via ext_lm_group_acl helper
An attacker can trigger a memory corruption via ext_lm_group_acl helper of Squid cache, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-070, CVE-2020-8517, openSUSE-SU-2020:0307-1, openSUSE-SU-2020:0606-1, openSUSE-SU-2020:0623-1, SQUID-2020:3, SUSE-SU-2020:0487-1, SUSE-SU-2020:0493-1, SUSE-SU-2020:0661-1, SUSE-SU-2020:1134-1, SUSE-SU-2020:1156-1, USN-4289-1, VIGILANCE-VUL-31498
Squid cache: information disclosure via FTP Gateway
A local attacker can read a memory fragment via FTP Gateway of Squid cache, in order to obtain sensitive information...
CERTFR-2020-AVI-070, CVE-2019-12528, DLA-2278-1, DSA-4682-1, FEDORA-2020-56e809930e, FEDORA-2020-790296a8f4, FEDORA-2020-ab8e7463ab, openSUSE-SU-2020:0307-1, openSUSE-SU-2020:0606-1, openSUSE-SU-2020:0623-1, SQUID-2020:2, SUSE-SU-2020:0487-1, SUSE-SU-2020:0493-1, SUSE-SU-2020:0661-1, SUSE-SU-2020:1134-1, SUSE-SU-2020:1156-1, USN-4289-1, VIGILANCE-VUL-31497
Squid cache: five vulnerabilities
An attacker can use several vulnerabilities of Squid cache...
CERTFR-2019-AVI-552, CVE-2019-12523, CVE-2019-12526, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, DLA-2028-1, DLA-2278-1, DSA-4682-1, FEDORA-2019-9538783033, openSUSE-SU-2019:2540-1, openSUSE-SU-2019:2541-1, SQUID-2019:10, SQUID-2019:11, SQUID-2019:7, SQUID-2019:8, SQUID-2019:9, SUSE-SU-2019:2975-1, SUSE-SU-2019:3067-1, SUSE-SU-2020:0661-1, USN-4213-1, USN-4446-1, VIGILANCE-VUL-30798
Squid: out-of-bounds memory reading via cachemgr.cgi
An attacker can force a read at an invalid address via cachemgr.cgi of Squid, in order to trigger a denial of service, or to obtain sensitive information...
CERTFR-2019-AVI-332, CVE-2019-12854, DSA-4507-1, openSUSE-SU-2019:2540-1, openSUSE-SU-2019:2541-1, SQUID-2019:1, SUSE-SU-2019:2975-1, USN-4213-1, VIGILANCE-VUL-29769
Squid: information disclosure via Basic Authentication uudecode
An attacker can bypass access restrictions to data via Basic Authentication uudecode of Squid, in order to obtain sensitive information...
CERTFR-2019-AVI-332, CVE-2019-12529, DLA-1858-1, DLA-2278-1, DSA-4507-1, openSUSE-SU-2019:2540-1, openSUSE-SU-2019:2541-1, SQUID-2019:2, SUSE-SU-2019:2089-1, SUSE-SU-2019:2975-1, USN-4065-1, USN-4065-2, VIGILANCE-VUL-29762
Squid: buffer overflow via Basic Authentication HttpHeader-getAuth
An attacker can trigger a buffer overflow via Basic Authentication HttpHeader::getAuth of Squid, in order to trigger a denial of service, and possibly to run code...
CERTFR-2019-AVI-332, CVE-2019-12527, DSA-4507-1, openSUSE-SU-2019:2540-1, openSUSE-SU-2019:2541-1, RHSA-2019:2593-01, SQUID-2019:5, SUSE-SU-2019:2975-1, USN-4065-1, VIGILANCE-VUL-29761
Our database contains other pages. You can request a free trial to read them.

Display information about Squid: