rpm package
suse/squid&distro=SUSE Linux Enterprise Server 12 SP3
pkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-19132 | — | < 3.5.21-26.12.1 | 3.5.21-26.12.1 | Nov 9, 2018 | Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet. | ||
| CVE-2018-19131 | — | < 3.5.21-26.12.1 | 3.5.21-26.12.1 | Nov 9, 2018 | Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. | ||
| CVE-2018-1172 | — | < 3.5.21-26.9.1 | 3.5.21-26.9.1 | May 16, 2018 | This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). | ||
| CVE-2018-1000027 | — | < 3.5.21-26.6.1 | 3.5.21-26.6.1 | Feb 9, 2018 | The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e | ||
| CVE-2018-1000024 | — | < 3.5.21-26.6.1 | 3.5.21-26.6.1 | Feb 9, 2018 | The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v |
- CVE-2018-19132Nov 9, 2018affected < 3.5.21-26.12.1fixed 3.5.21-26.12.1
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
- CVE-2018-19131Nov 9, 2018affected < 3.5.21-26.12.1fixed 3.5.21-26.12.1
Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
- CVE-2018-1172May 16, 2018affected < 3.5.21-26.9.1fixed 3.5.21-26.9.1
This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck().
- CVE-2018-1000027Feb 9, 2018affected < 3.5.21-26.6.1fixed 3.5.21-26.6.1
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e
- CVE-2018-1000024Feb 9, 2018affected < 3.5.21-26.6.1fixed 3.5.21-26.6.1
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v