https://squid-cache.org|squid vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://squid-cache.org|squid package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Server-generated Error Message Containing Sensitive Information	[,7.2)
H Stack-based Buffer Overflow	[,7.2)
H Heap-based Buffer Overflow	[,6.4)
H Improper Input Validation	[3.0,7.0)
H Out-of-bounds Write	[,6.10)
M Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')	[0,7.0.1)
H Uncontrolled Recursion	[3.5.27,6.8)
M Denial of Service (DoS)	[,6.5)
M Expired Pointer Dereference	[,6.6)
H Uncontrolled Recursion	[2.6,6.6)
H Reachable Assertion	[,6.5)
H Use After Free	[3.5,6.0.1)
H Buffer Over-read	[2.2,6.5)
H Denial of Service (DoS)	[,6.0.1)
H Out-of-bounds Read	[3.3.0.1,6.4)
C Improper Handling of Structural Elements	[,6.4)
H Uncontrolled Resource Consumption ('Resource Exhaustion')	[5.0.3,6.4)
C Heap-based Buffer Overflow	[3.2.0.1,6.4)
C Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')	[2.6,6.4)
M Information Exposure	[4.9,5.7)
H Buffer Overflow	[2.5,5.7)
H Denial of Service (DoS)	[2.0,5.6)
M Improper Input Validation	[,3.3.13)[3.4.0,3.4.7)
H Improper Input Validation	[,3.2.9)[3.3.0,3.3.3)
M Out-of-Bounds	[3.1,3.1.20)
M Improper Input Validation	[,3.2.13)[3.3.0,3.3.8)
C Buffer Overflow	[3.0,3.5.28][4.0,4.9)
C Out-of-bounds Write	[3.0,4.11)[5.0.0,5.0.1)
M Improper Input Validation	[,3.1.22)[3.2.0,3.2.4)[3.3.0.0,3.3.0.2)
M Denial of Service (DoS)	[,2.6.12)
M Memory Leak	[,4.4)
M Denial of Service (DoS)	[,3.1.7)
H Improper Input Validation	[2.0,4.14)[5.0.1,5.0.5)
M Arbitrary Code Injection	[,4.9)
M Denial of Service (DoS)	[,3.1.15)[3.2.0.0,3.2.0.11)
C Integer Overflow or Wraparound	[3.0,3.5.28][4.0,4.11)[5.0,5.0.2)
M Improper Data Handling	[,3.4.8)
M Access Restriction Bypass	[0,3.2.0.11)
H Denial of Service (DoS)	[4.0,4.8)
M Denial of Service (DoS)	[2.0_patch2,2.5.6]
H CVE-2005-1345	[2.5.stable1,2.5.stable9]
M Integer Overflow or Wraparound	[3.0,4.15)[5.0,5.0.6)
M Cross-site Request Forgery (CSRF)	[2.0,2.7][3.0,3.5.28][4.0,4.9)
H Out-of-bounds Write	[4.0.23,4.8)
H HTTP Request Smuggling	[2.0,2.7)[3.1,3.5.28][4.0,4.12)[5.0,5.0.3)
H Access Restriction Bypass	[,2.5.7)
M Denial of Service (DoS)	[,2.5.7)
M Cross-site Scripting (XSS)	[,4.4)
H Improper Input Validation	[,3.5.15)[4.0.0,4.0.7)
M Improper Input Validation	[2.0,2.6.18)
M HTTP Request Smuggling	[,4.13)[5.0,5.0.4)
H Out-of-Bounds	[,3.2.12)[3.3.0,3.3.7)
M Out-of-Bounds	[3.0,3.0.18)[3.1,3.1.0.13)
H Information Exposure	[,4.10)
L Out-of-Bounds	[,3.5.17)[4.0.0,4.0.9)
M Improper Input Validation	[,3.4.8)
H Improper Input Validation	[,3.5.15)[4.0.0,4.0.7)
H Out-of-Bounds	[,3.5.16)
M Improper Synchronization	[5.0,5.0.3)
M Improper Input Validation	[2.0,2.6.24)[2.7,2.7.8)[3.0,3.0.23)[3.1,3.1.0.16)
M Use of Cache Containing Sensitive Information	[,2.5.7)
M Improper Input Validation	[,4.15)[5.0,5.0.6)
H Improper Input Validation	[,4.10)
M Denial of Service (DoS)	[2.0,2.7.STABLE8)[3.0,3.0.STABLE24)
H NULL Pointer Dereference	[,4.0.23)
M Privilege Escalation	[,4.8)
H Insufficient Verification of Data Authenticity	[,3.5.18)
M Improper Input Validation	[,3.5.14)
H Information Exposure	[,3.5.23)[4.0.0,4.0.17)
M Information Exposure	[2.0,2.7][3.0,3.5.28][4.0,4.8)
M Out-of-Bounds	[3.0,3.4.8)
M Denial of Service (DoS)	[,2.5.7)
H Memory Leak	[2.0,4.15)[5.0,5.0.6)
M Resource Management Errors	[,3.1.16)
M Cross-site Scripting (XSS)	[,4.8)
M Use of Cache Containing Sensitive Information	[,2.5.7)
H Improper Input Validation	[,3.5.15)[4.0.0,4.0.7)
C Out-of-Bounds	[3.3.9,3.5.28][4.0,4.8)
M Denial of Service (DoS)	[2.0_patch2,2.5.6]
H Out-of-Bounds	[,3.5.17)[4.0.0,4.0.9)
H Information Exposure	[,4.10)
H Information Exposure	[2.0,2.7][3.0,3.5.28][4.0,4.9)
M Memory Leak	[1.0,4.15)[5.0,5.0.6)
M Cross-site Scripting (XSS)	[4.0.1,4.15)[5.0,5.0.6)
H Information Exposure	[,3.5.23)[4.0.0,4.0.17)
M Denial of Service (DoS)	[2.0_patch2,2.5.6]
C Access Restriction Bypass	[3.0,3.5.28][4.0,4.9)
M Improper Input Validation	[2.7,2.7.6)[3.0,3.0.13)[3.1,3.1.0.5)
M Denial of Service (DoS)	[,3.1.8)[3.2.0.0,3.2.0.2)
H Insufficient Verification of Data Authenticity	[,3.5.18)
L Reliance on Cookies without Validation and Integrity Checking	[,2.5.9)
M Denial of Service (DoS)	[,2.5.7)
L Improper Input Validation	[,3.2.14)[3.3.0,3.3.14)[3.4.0,3.4.13)[3.5.0,3.5.4)
H Improper Input Validation	[,3.5.15)[4.0.0,4.0.7)
M CRLF Injection	[,3.1.1)
M Access Restriction Bypass	[,2.5.7)
H Improper Input Validation	[,4.8)
H Out-of-Bounds	[,3.5.17)[4.0.0,4.0.9)
H Out-of-Bounds	[,4.10)
H Out-of-Bounds	[0,3.5.16)
M Denial of Service (DoS)	[,2.5.7)
H Out-of-Bounds	[,3.5.17)[4.0.0,4.0.9)
H Improper Input Validation	[0,3.5.18)
M Denial of Service (DoS)	[,2.6.7)
M Allocation of Resources Without Limits or Throttling	[,2.6.4)
M HTTP Request Smuggling	[,4.13)[5.0,5.0.4)
M Access Restriction Bypass	[,3.5.3)
H Denial of Service (DoS)	[,3.5.18)[4.0.0,4.0.10)
C Missing Authentication	[,4.8)
M Denial of Service (DoS)	[,2.5.11)
M HTTP Request Smuggling	[3.0,3.5.28][4.0,4.9)
M Denial of Service (DoS)	[,2.5.10)
H Out-of-bounds Write	[3.0,3.5.28][4.0,4.9)
H Improper Data Handling	[3.0,3.5.27][4.0,4.3)
H Out-of-Bounds	[,2.5.7)
M Improper Input Validation	[,2.7.7)
H NULL Pointer Dereference	[3.1,3.5.28][4.0,4.12)[5.0,5.0.3)
M Access Restriction Bypass	[,3.4)
H Improper Input Validation	[3.0,4.13)[5.0.1,5.0.4)
M Improper Input Validation	[2.0,2.6.18)
M Improper Input Validation	[3.0,3.0.18)[3.1,3.1.0.13)
M Out-of-bounds Write	[3.0,4.11)[5.0.1,5.0.2)
M Out-of-bounds Read	[,4.17)[5.0,5.2)
M Cross-site Scripting (XSS)	[,4.15)[5.0,5.0.6)
C Access Restriction Bypass	[,2.5.7)
M Improper Input Validation	[,4.15)[5.0,5.0.6)
M Improper Input Validation	[,3.3.12)[3.4.0,3.4.4)

Vulnerability

Vulnerable Version

Server-generated Error Message Containing Sensitive Information

[,7.2)