| Bug | Description |
|---|
| TEMP-0000000-F99584 | "slowloris" denial-of-service vulnerability in webservers |
| CVE-2023-50269 | Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion ... |
| CVE-2023-49286 | Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and ... |
| CVE-2023-49285 | Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and ... |
| CVE-2023-46848 | Squid is vulnerable to Denial of Service, where a remote attacker can ... |
| CVE-2023-46847 | Squid is vulnerable to a Denial of Service, where a remote attacker c ... |
| CVE-2023-46846 | SQUID is vulnerable to HTTP request smuggling, caused by chunked decod ... |
| CVE-2023-46724 | Squid is a caching proxy for the Web. Due to an Improper Validation of ... |
| CVE-2022-41318 | A buffer over-read was discovered in libntlmauth in Squid 2.5 through ... |
| CVE-2022-41317 | An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5. ... |
| CVE-2021-46784 | In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due ... |
| CVE-2021-41611 | An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When ... |
| CVE-2021-33620 | Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause ... |
| CVE-2021-31808 | An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ... |
| CVE-2021-31807 | An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An ... |
| CVE-2021-31806 | An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ... |
| CVE-2021-28662 | An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. ... |
| CVE-2021-28652 | An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ... |
| CVE-2021-28651 | An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ... |
| CVE-2021-28116 | Squid through 4.14 and 5.x through 5.0.5, in some configurations, allo ... |
| CVE-2020-25097 | An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. D ... |
| CVE-2020-24606 | Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perfor ... |
| CVE-2020-15811 | An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due ... |
| CVE-2020-15810 | An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due ... |
| CVE-2020-15049 | An issue was discovered in http/ContentLengthInterpreter.cc in Squid b ... |
| CVE-2020-14059 | An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect ... |
| CVE-2020-11945 | An issue was discovered in Squid before 5.0.2. A remote attacker can r ... |
| CVE-2020-8450 | An issue was discovered in Squid before 4.10. Due to incorrect buffer ... |
| CVE-2020-8449 | An issue was discovered in Squid before 4.10. Due to incorrect input v ... |
| CVE-2019-18860 | Squid before 4.9, when certain web browsers are used, mishandles HTML ... |
| CVE-2019-18679 | An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to ... |
| CVE-2019-18678 | An issue was discovered in Squid 3.x and 4.x through 4.8. It allows at ... |
| CVE-2019-18677 | An issue was discovered in Squid 3.x and 4.x through 4.8 when the appe ... |
| CVE-2019-18676 | An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incor ... |
| CVE-2019-13345 | The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_ ... |
| CVE-2019-12854 | Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4. ... |
| CVE-2019-12529 | An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through ... |
| CVE-2019-12528 | An issue was discovered in Squid before 4.10. It allows a crafted FTP ... |
| CVE-2019-12527 | An issue was discovered in Squid 4.0.23 through 4.7. When checking Bas ... |
| CVE-2019-12526 | An issue was discovered in Squid before 4.9. URN response handling in ... |
| CVE-2019-12525 | An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through ... |
| CVE-2019-12524 | An issue was discovered in Squid through 4.7. When handling requests f ... |
| CVE-2019-12523 | An issue was discovered in Squid before 4.9. When handling a URN reque ... |
| CVE-2019-12521 | An issue was discovered in Squid through 4.7. When Squid is parsing ES ... |
| CVE-2019-12520 | An issue was discovered in Squid through 4.7 and 5. When receiving a r ... |
| CVE-2019-12519 | An issue was discovered in Squid through 4.7. When handling the tag es ... |
| CVE-2019-3688 | The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterpri ... |
| CVE-2018-1000027 | The Squid Software Foundation Squid HTTP Caching Proxy version prior t ... |
| CVE-2018-1000024 | The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to ... |
| CVE-2018-19132 | Squid before 4.4, when SNMP is enabled, allows a denial of service (Me ... |
| CVE-2018-19131 | Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S ... |
| CVE-2018-1172 | This vulnerability allows remote attackers to deny service on vulnerab ... |
| CVE-2016-4556 | Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x ... |
| CVE-2016-4555 | client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.1 ... |
| CVE-2016-4554 | mime_header.cc in Squid before 3.5.18 allows remote attackers to bypas ... |
| CVE-2016-4553 | client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not p ... |
| CVE-2016-4054 | Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows ... |
| CVE-2016-4053 | Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to ... |
| CVE-2016-4052 | Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4 ... |
| CVE-2016-4051 | Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4 ... |
| CVE-2016-3948 | Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds ... |
| CVE-2016-3947 | Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.c ... |
| CVE-2016-2572 | http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after ... |
| CVE-2016-2571 | http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with ... |
| CVE-2016-2570 | The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x ... |
| CVE-2016-2569 | Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append ... |
| CVE-2016-2390 | The FwdState::connectedToPeer method in FwdState.cc in Squid before 3. ... |
| CVE-2015-5400 | Squid before 3.5.6 does not properly handle CONNECT method peer respon ... |
| CVE-2015-3455 | Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, a ... |
| CVE-2015-0881 | CRLF injection vulnerability in Squid before 3.1.1 allows remote attac ... |
| CVE-2014-9749 | Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest auth ... |
| CVE-2014-7142 | The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ... |
| CVE-2014-7141 | The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ... |
| CVE-2014-6270 | Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squi ... |
| CVE-2014-3609 | HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allo ... |
| CVE-2014-0128 | Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled ... |
| CVE-2013-4123 | client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3 ... |
| CVE-2013-4115 | Buffer overflow in the idnsALookup function in dns_internal.cc in Squi ... |
| CVE-2013-0189 | cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and oth ... |
| CVE-2012-5643 | Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2. ... |
| CVE-2011-3205 | Buffer overflow in the gopherToHTML function in gopher.cc in the Gophe ... |
| CVE-2010-3072 | The string-comparison functions in String.cci in Squid 3.x before 3.1. ... |
| CVE-2010-0639 | The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.ST ... |
| CVE-2010-0308 | lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through ... |
| CVE-2009-2855 | The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allo ... |
| CVE-2009-2622 | Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote ... |
| CVE-2009-2621 | Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not prope ... |
| CVE-2009-0801 | Squid, when transparent interception mode is enabled, uses the HTTP Ho ... |
| CVE-2009-0478 | Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allo ... |
| CVE-2008-1612 | The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows at ... |
| CVE-2007-6239 | The "cache update reply processing" functionality in Squid 2.x before ... |
| CVE-2007-1560 | The clientProcessRequest() function in src/client_side.c in Squid 2.6 ... |
| CVE-2007-0248 | The aclMatchExternal function in Squid before 2.6.STABLE7 allows remot ... |
| CVE-2007-0247 | squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers ... |
| CVE-2005-3322 | Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote att ... |
| CVE-2005-3258 | The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and ear ... |
| CVE-2005-2917 | Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, ... |
| CVE-2005-2796 | The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and ear ... |
| CVE-2005-2794 | store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to c ... |
| CVE-2005-1519 | Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered ... |
| CVE-2005-1345 | Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it i ... |
| CVE-2005-0718 | Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denia ... |
| CVE-2005-0626 | Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Net ... |
| CVE-2005-0446 | Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denia ... |
| CVE-2005-0241 | The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 an ... |
| CVE-2005-0211 | Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remot ... |
| CVE-2005-0194 | Squid 2.5, when processing the configuration file, parses empty Access ... |
| CVE-2005-0175 | Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cach ... |
| CVE-2005-0174 | Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cach ... |
| CVE-2005-0173 | squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated u ... |
| CVE-2005-0097 | The NTLM component in Squid 2.5.STABLE7 and earlier allows remote atta ... |
| CVE-2005-0096 | Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and ... |
| CVE-2005-0095 | The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows ... |
| CVE-2005-0094 | Buffer overflow in the gopherToHTML function in the Gopher reply parse ... |
| CVE-2004-2654 | The clientAbortBody function in client_side.c in Squid Web Proxy Cache ... |
| CVE-2004-2480 | Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass se ... |
| CVE-2004-2479 | Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensi ... |
| CVE-2004-0918 | The asn_parse_header function (asn1.c) in the SNMP module for Squid We ... |
| CVE-2004-0832 | The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2 ... |
| CVE-2004-0541 | Buffer overflow in the ntlm_check_auth (NTLM authentication) function ... |
| CVE-2004-0189 | The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows ... |
| CVE-2002-0916 | Format string vulnerability in the allowuser code for the Stellar-X ms ... |
| CVE-2002-0735 | Format string vulnerability in the logging() function in C-Note Squid ... |
| CVE-2002-0715 | Vulnerability in Squid before 2.4.STABLE6 related to proxy authenticat ... |
| CVE-2002-0714 | FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresse ... |
| CVE-2002-0713 | Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to ... |
| CVE-1999-0710 | The Squid package in Red Hat Linux 5.2 and 6.0, and other distribution ... |