rpm package
suse/squid&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15810 | — | < 2.7.STABLE5-2.12.30.6.1 | 2.7.STABLE5-2.12.30.6.1 | Sep 2, 2020 | An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local securi | ||
| CVE-2019-12523 | — | < 2.7.STABLE5-2.12.30.6.1 | 2.7.STABLE5-2.12.30.6.1 | Nov 26, 2019 | An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restric | ||
| CVE-2019-18676 | — | < 2.7.STABLE5-2.12.30.6.1 | 2.7.STABLE5-2.12.30.6.1 | Nov 26, 2019 | An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security chec |
- CVE-2020-15810Sep 2, 2020affected < 2.7.STABLE5-2.12.30.6.1fixed 2.7.STABLE5-2.12.30.6.1
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local securi
- CVE-2019-12523Nov 26, 2019affected < 2.7.STABLE5-2.12.30.6.1fixed 2.7.STABLE5-2.12.30.6.1
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restric
- CVE-2019-18676Nov 26, 2019affected < 2.7.STABLE5-2.12.30.6.1fixed 2.7.STABLE5-2.12.30.6.1
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security chec