squid3 vulnerabilities

Known vulnerabilities in the squid3 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Reachable Assertion	*
M Improper Input Validation	<3.5.23-5+deb9u7
M Improper Input Validation	<3.5.23-5+deb9u7
M Integer Overflow or Wraparound	<3.5.23-5+deb9u7
M Improper Encoding or Escaping of Output	<3.5.23-5+deb9u7
H Memory Leak	<3.5.23-5+deb9u7
M Memory Leak	<3.5.23-5+deb9u7
H Improper Input Validation	<3.5.23-5+deb9u6
M Out-of-bounds Read	*
H Improper Input Validation	<3.5.23-5+deb9u5
M HTTP Request Smuggling	<3.5.23-5+deb9u5
M HTTP Request Smuggling	<3.5.23-5+deb9u5
L Improper Privilege Management	*
L NULL Pointer Dereference	*
H HTTP Request Smuggling	<3.5.23-5+deb9u5
M Out-of-bounds Write	<3.5.23-5+deb9u2
C Out-of-bounds Write	<3.5.23-5+deb9u2
C Integer Overflow or Wraparound	<3.5.23-5+deb9u2
H Improper Input Validation	<3.5.23-5+deb9u2
C Missing Authentication for Critical Function	<3.5.23-5+deb9u2
M Arbitrary Code Injection	<3.5.23-5+deb9u2
L Improper Input Validation	*
H Information Exposure	<3.5.23-5+deb9u2
H Exposure of Resource to Wrong Sphere	<3.5.23-5+deb9u2
H Out-of-Bounds	<3.5.23-5+deb9u2
H Out-of-bounds Write	<3.5.23-5+deb9u2
C CVE-2019-12523	<3.5.23-5+deb9u2
C Buffer Overflow	<3.5.23-5+deb9u2
H Information Exposure	<3.5.23-5+deb9u2
M HTTP Request Smuggling	<3.5.23-5+deb9u2
M Cross-site Request Forgery (CSRF)	<3.5.23-5+deb9u2
M Cross-site Scripting (XSS)	<3.5.23-5+deb9u2
M Information Exposure	<3.5.23-5+deb9u2
C Out-of-Bounds	<3.5.23-5+deb9u2
L Cross-site Scripting (XSS)	*
M Missing Release of Resource after Effective Lifetime	<3.5.23-5+deb9u2
L NULL Pointer Dereference	*
H CVE-2018-1000024	<3.5.23-5+deb9u1
H NULL Pointer Dereference	<3.5.23-5+deb9u1
H Information Exposure	<3.5.23-1
H Information Exposure	<3.5.23-1
H Improper Input Validation	<3.5.19-1
H Insufficient Verification of Data Authenticity	<3.5.19-1
H CVE-2016-4556	<3.5.19-1
H Insufficient Verification of Data Authenticity	<3.5.19-1
H Out-of-Bounds	<3.5.17-1
L Out-of-Bounds	<3.5.17-1
H Out-of-Bounds	<3.5.17-1
H Out-of-Bounds	<3.5.17-1
L Improper Input Validation	<3.5.14-1
H Out-of-Bounds	<3.5.16-1
H Out-of-Bounds	<3.5.16-1
H Improper Input Validation	<3.5.15-1
H Improper Input Validation	<3.5.15-1
H Improper Input Validation	<3.5.15-1
M Access Restriction Bypass	<3.4.8-6
M Access Restriction Bypass	<3.5.6-1
L Improper Input Validation	<3.5.6-1
M CVE-2015-0881	<3.1.1-1
M Improper Input Validation	<3.4.8-1
M Improper Data Handling	<3.4.8-1
L Out-of-Bounds	<3.4.8-1
M Improper Input Validation	<3.3.8-1.2
L Improper Input Validation	<3.4.8-1
M Improper Input Validation	<3.3.8-1
H Out-of-Bounds	<3.3.8-1
M Out-of-Bounds	<3.1.20-2.1
M Improper Input Validation	<3.1.20-2.1
M Resource Management Errors	<3.1.16-1
L CVE-2011-3205	<3.1.15-1
M CVE-2010-2951	<3.1.6-1.2
L CVE-2010-3072	<3.1.6-1.1
M CVE-2010-0639	<3.1.0.17-1
M Improper Input Validation	<3.1.0.16-1
M Improper Input Validation	<3.0.STABLE19-1
M Improper Input Validation	<3.0.STABLE18-1
M Out-of-Bounds	<3.0.STABLE18-1
L Access Restriction Bypass	<3.3.3-1
M Improper Input Validation	<3.0.STABLE8-3

Vulnerability

Vulnerable Version

Reachable Assertion