squid

Description: Full-featured Web proxy cache server
Version: 5.2-1 [community]

Resolved

| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1975 | 4.14-1 | 4.15-1 | High | Fixed | |
| AVG-1949 | 4.14-1 | 4.15-1 | High | Fixed | |
| AVG-1667 | 5.1-1 | 5.2-1 | High | Fixed | |
| AVG-1146 | 4.10-2 | 4.12-1 | Critical | Fixed | |
| AVG-1062 | 4.8-2 | 4.9-1 | Critical | Fixed | |
| AVG-1004 | 4.7-2 | 4.8-1 | Critical | Fixed | |

| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-41611 | AVG-1667 | High | Yes | Certificate verification bypass | When validating an origin server or peer certificate, Squid 5 before version 5.2 may incorrectly classify certain certificates as trusted. This problem... |
| CVE-2021-31808 | AVG-1975 | High | Yes | Denial of service | Due to an incorrect input validation bug Squid before version 4.15 is vulnerable to a denial of service attack against all clients using the proxy by a... |
| CVE-2021-31807 | AVG-1975 | High | Yes | Denial of service | Due to an incorrect input validation bug Squid before version 4.15 is vulnerable to a denial of service attack against all clients using the proxy by a... |
| CVE-2021-31806 | AVG-1975 | High | Yes | Denial of service | Due to an incorrect input validation bug Squid before version 4.15 is vulnerable to a denial of service attack against all clients using the proxy by a... |
| CVE-2021-28662 | AVG-1949 | Medium | Yes | Denial of service | Due to an input validation bug Squid before version 4.15 is vulnerable to a denial of service against all clients using the proxy. |
| CVE-2021-28652 | AVG-1949 | Medium | Yes | Denial of service | Due to an incorrect parser validation bug Squid before version 4.15 is vulnerable to a denial of service attack against the Cache Manager API. |
| CVE-2021-28651 | AVG-1949 | High | Yes | Denial of service | Due to a buffer management bug Squid before version 4.15 is vulnerable to a denial of service attack against the server it is operating on. This attack is... |
| CVE-2021-28116 | AVG-1667 | High | Yes | Information disclosure | Squid before version 5.2, in some configurations, allows information disclosure because of an out-of-bounds read in WCCPv2 protocol data. This problem... |
| CVE-2020-11945 | AVG-1146 | Critical | Yes | Arbitrary code execution | An integer overflow has been found in Squid before 4.11 or 5.0.2. When memory pooling is used this problem allows a remote client to replay a sniffed Digest... |
| CVE-2019-18679 | AVG-1062 | Medium | Yes | Information disclosure | An information disclosure issue has been found in Squid before 4.9, when processing HTTP Digest Authentication. The nonce tokens contain the raw byte value... |
| CVE-2019-18678 | AVG-1062 | High | Yes | Content spoofing | An HTTP request splitting issue has been found in Squid before 4.9. This issue allows attackers to smuggle HTTP requests through frontend software to a Squid... |
| CVE-2019-12527 | AVG-1004 | Critical | Yes | Arbitrary code execution | Due to incorrect buffer management Squid versions prior to 4.8 are vulnerable to a heap overflow and possible remote code execution attack when processing... |
| CVE-2019-12526 | AVG-1062 | Critical | Yes | Arbitrary code execution | A heap-based buffer overflow has been found in Squid before 4.9, when processing URN. |
| CVE-2019-12521 | AVG-1146 | High | Yes | Content spoofing | A heap-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2, where a crafted ESI response sent from an upstream server can truncate... |
| CVE-2019-12519 | AVG-1146 | High | Yes | Arbitrary code execution | A stack-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2, where a crafted ESI response sent from an upstream server can overwrite... |

Advisories

| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 19 May 2021 | ASA-202105-10 | AVG-1949 | High | denial of service |
| 07 Nov 2019 | ASA-201911-8 | AVG-1062 | Critical | multiple issues |
| 17 Jul 2019 | ASA-201907-5 | AVG-1004 | Critical | arbitrary code execution |