squid3 (SUSE:Linux Enterprise Server 11 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11 SP4 package squid3, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (31)
CVE-2016-4051 — CVSS 8.8 (high): Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of…
CVE-2016-4554 — CVSS 8.6 (high): mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct…
CVE-2016-4553 — CVSS 8.6 (high): client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which…
CVE-2016-3947 — CVSS 8.2 (high): Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8…
CVE-2016-4054 — CVSS 8.1 (high): Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side…
CVE-2016-4052 — CVSS 8.1 (high): Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of…
CVE-2018-1000027 — CVSS 7.5 (high): The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in…
CVE-2016-4556 — CVSS 7.5 (high): Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service…
CVE-2016-3948 — CVSS 7.5 (high): Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service…
CVE-2018-1000024 — CVSS 7.5 (high): The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling…
CVE-2016-10002 — CVSS 7.5 (high): Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through…
CVE-2016-2569 — CVSS 7.5 (high): Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial…
CVE-2016-2570 — CVSS 7.5 (high): The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which…
CVE-2016-2571 — CVSS 7.5 (high): http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which…
CVE-2013-4115 — CVSS 7.5 (high): Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to…
CVE-2016-2572 — CVSS 7.5 (high): http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to…
CVE-2016-4555 — CVSS 7.5 (high): client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via…
CVE-2011-3205 — CVSS 6.8 (medium): Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15…
CVE-2014-6270 — CVSS 6.8 (medium): Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote…
CVE-2015-5400 — CVSS 6.8 (medium): Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to…
CVE-2014-7142 — CVSS 6.4 (medium): The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a…
CVE-2014-7141 — CVSS 6.4 (medium): The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds…
CVE-2018-19131 — CVSS 6.1 (medium): Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVE-2016-2390 — CVSS 5.9 (medium): The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake…
CVE-2018-1172 — CVSS 5.9 (medium): This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid…
CVE-2014-0128 — CVSS 5.0 (medium): Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion…
CVE-2012-5643 — CVSS 5.0 (medium): Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2…
CVE-2011-4096 — CVSS 5.0 (medium): The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service…
CVE-2014-9749 — CVSS 4.0 (medium): Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access…
CVE-2016-4053 — CVSS 3.7 (low): Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side…
CVE-2013-0188: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0189, CVE-2013-0191. Reason: this identifier was intended for one…