rpm package
suse/squid&distro=SUSE Enterprise Storage 4
pkg:rpm/suse/squid&distro=SUSE%20Enterprise%20Storage%204
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-12529 | — | < 3.5.21-26.17.1 | 3.5.21-26.17.1 | Jul 11, 2019 | An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the | ||
| CVE-2019-12525 | — | < 3.5.21-26.17.1 | 3.5.21-26.17.1 | Jul 11, 2019 | An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with | ||
| CVE-2019-13345 | — | < 3.5.21-26.17.1 | 3.5.21-26.17.1 | Jul 5, 2019 | The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter. |
- CVE-2019-12529Jul 11, 2019affected < 3.5.21-26.17.1fixed 3.5.21-26.17.1
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the
- CVE-2019-12525Jul 11, 2019affected < 3.5.21-26.17.1fixed 3.5.21-26.17.1
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with
- CVE-2019-13345Jul 5, 2019affected < 3.5.21-26.17.1fixed 3.5.21-26.17.1
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.