rpm package
suse/squid&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (42)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-18679 | — | < 4.9-4.3.2 | 4.9-4.3.2 | Nov 26, 2019 | An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. T | ||
| CVE-2019-13345 | — | < 4.9-4.3.2 | 4.9-4.3.2 | Jul 5, 2019 | The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter. |
- CVE-2019-18679Nov 26, 2019affected < 4.9-4.3.2fixed 4.9-4.3.2
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. T
- CVE-2019-13345Jul 5, 2019affected < 4.9-4.3.2fixed 4.9-4.3.2
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
Page 3 of 3