Search CVE reports


Toggle filters

21 – 30 of 140 results


CVE-2021-33620

Medium priority

Some fixes available 11 of 12

Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2021-31807

Medium priority

Some fixes available 11 of 12

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2021-31808

Medium priority

Some fixes available 11 of 12

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2021-31806

Medium priority

Some fixes available 11 of 12

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2021-28662

Medium priority
Fixed

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not affected Not affected
Show less packages

CVE-2021-28652

Low priority

Some fixes available 6 of 7

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that....

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Fixed Ignored
Show less packages

CVE-2021-28651

Medium priority
Fixed

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However,...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Fixed
Show less packages

CVE-2020-25097

Medium priority
Fixed

An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls....

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Not in release Not in release
squid3 Not in release Fixed Fixed
Show less packages

CVE-2021-28116

Medium priority

Some fixes available 10 of 12

Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Fixed Fixed Not in release Not in release
squid3 Not in release Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2020-24606

Medium priority
Fixed

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
squid Fixed Not in release Not in release
squid3 Not in release Fixed Fixed
Show less packages