cvebase

Squid-Cache Squid vulnerabilities

109 known vulnerabilities affecting squid-cache/squid.

Total CVEs: 109
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 7, HIGH 51, MEDIUM 49, LOW 2

Vulnerabilities

Page 6 of 6
CVE-2010-0308 | P4 | MEDIUM | CVSS 4.0 | v2.0, v2.1 +44 more | 2010-02-03
CVE-2010-0308 [MEDIUM] CWE-20: lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
nvd
CVE-2021-28652 | P4 | MEDIUM | CVSS 4.9 | ≥ 1.0, < 4.15; ≥ 5.0, < 5.0.6 | 2021-05-27
CVE-2021-28652 [MEDIUM] CWE-401: An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cach
nvd
CVE-2014-9749 | P4 | MEDIUM | CVSS 4.0 | v3.4.4, v3.4.5 +13 more | 2015-11-06
CVE-2014-9749 [MEDIUM] CWE-264: Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
nvd
CVE-2015-0881 | P4 | MEDIUM | CVSS 4.3 | ≤ 3.1.0.18 | 2015-02-20
CVE-2015-0881 [MEDIUM]: CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.
nvd
CVE-2018-19131 | P4 | MEDIUM | CVSS 6.1 | fixed in 4.4 | 2018-11-09
CVE-2018-19131 [MEDIUM] CWE-79: Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
nvd
CVE-2016-4053 | P4 | LOW | CVSS 3.7 | v3.0, v3.1 +138 more | 2016-04-25
CVE-2016-4053 [LOW] CWE-119: Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
nvd
CVE-2019-12522 | P4 | MEDIUM | CVSS 4.5 | ≤ 4.7 | 2020-04-15
CVE-2019-12522 [MEDIUM] CWE-269: An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
nvd
CVE-2015-3455 | P4 | LOW | CVSS 2.6 | v3.2.0.1, v3.2.0.2 +68 more | 2015-05-18
CVE-2015-3455 [LOW] CWE-20: Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
nvd
CVE-2025-59362 | P4 | MEDIUM | CVSS 4.0 | ≤ 7.1 | 2025-09-26
CVE-2025-59362 [MEDIUM] CWE-121: Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.
nvd