Squid-Cache Squid vulnerabilities

CVE-2023-46724 [HIGH] CWE-125 CVE-2023-46724: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid ve Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by init

CVE-2022-41318 [HIGH] CWE-190 CVE-2022-41318: A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer- A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.

CVE-2022-41317 [MEDIUM] CWE-697 CVE-2022-41317: An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handlin An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixed in 5.7.

CVE-2021-46784 [MEDIUM] CWE-617 CVE-2021-46784: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

CVE-2021-41611 [HIGH] CWE-295 CVE-2021-41611: An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indication of trust may be passed along to clients, allowing access to unsafe or hijack

CVE-2021-31807 [MEDIUM] CWE-190 CVE-2021-31807: An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allow An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.

CVE-2021-33620 [MEDIUM] CWE-20 CVE-2021-33620: Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.

CVE-2021-28651 [HIGH] CWE-401 CVE-2021-28651: An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, i An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.

CVE-2021-28652 [MEDIUM] CWE-401 CVE-2021-28652: An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validatio An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cach

CVE-2021-31808 [MEDIUM] CWE-190 CVE-2021-31808: An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, i An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.

CVE-2021-31806 [MEDIUM] CWE-116 CVE-2021-31806: An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, i An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.

CVE-2021-28662 [MEDIUM] CWE-116 CVE-2021-28662: An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a ce An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.

CVE-2020-25097 [HIGH] CWE-20 CVE-2020-25097: An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validatio An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.

CVE-2021-28116 [MEDIUM] CWE-125 CVE-2021-28116: Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure beca Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.

CVE-2020-15811 [MEDIUM] CWE-697 CVE-2020-15811: An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content

CVE-2020-15810 [MEDIUM] CWE-444 CVE-2020-15810: An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content fr

CVE-2020-24606 [HIGH] CWE-667 CVE-2020-24606: Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consumi Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles

CVE-2020-15049 [HIGH] CWE-444 CVE-2020-15049: An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0. An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.

CVE-2020-14058 [HIGH] CVE-2020-14058: An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dange An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code e

CVE-2020-14059 [MEDIUM] CWE-662 CVE-2020-14059: An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.