pkg:Debian/squid

155 total CVEsCRITICAL10HIGH46MEDIUM35

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2025-54574Squid is a caching proxy for the Web.
from 0, < 4.13-10+deb11u5
CRITICAL9.8CVE-2025-21311Windows NTLM V1 Elevation of Privilege Vulnerability
from 0
CRITICAL9.8CVE-2020-11945An issue was discovered in Squid before 5.0.2.
from 0, < 4.11-1
CRITICAL9.8CVE-2019-12519squid - security update
from 0, < 4.6-1+deb10u2
CRITICAL9.8CVE-2019-12519squid - security update
from 0, < 4.11-1
CRITICAL9.8CVE-2019-12524An issue was discovered in Squid through 4.7.
from 0, < 4.8-1
CRITICAL9.8CVE-2019-12526squid3 - security update
from 0, < 4.9-1
CRITICAL9.8CVE-2019-12525squid - security update
from 0, < 4.6-1+deb10u1
CRITICAL9.8CVE-2019-12525squid - security update
from 0, < 4.8-1
CRITICAL9.1CVE-2019-12523An issue was discovered in Squid before 4.9.
from 0, < 4.9-1
HIGH8.8CVE-2020-15049squid3 - security update
from 0, < 4.12-1
HIGH8.8CVE-2019-12527An issue was discovered in Squid 4.0.23 through 4.7.
from 0, < 4.8-1
HIGH8.8CVE-2016-4051squid3 - security update
from 0, < 4.1-1
HIGH8.6CVE-2022-41318A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6.
from 0, < 4.13-10+deb11u2
HIGH8.6CVE-2020-25097squid - security update
from 0, < 4.6-1+deb10u5
HIGH8.6CVE-2020-25097squid - security update
from 0, < 4.13-8
HIGH8.6CVE-2016-4554squid - security update
from 0, < 2.7.STABLE9-4.1+deb7u2
HIGH8.6CVE-2016-4554squid - security update
from 0, < 4.1-1
HIGH8.2CVE-2016-3947Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 a…
from 0, < 4.1-1
HIGH7.5CVE-2026-33526Squid is a caching proxy for the Web.
from 0
HIGH7.5CVE-2026-32748Squid is a caching proxy for the Web.
from 0
HIGH7.5CVE-2025-62168squid - security update
from 0, < 5.7-2+deb12u4
HIGH7.5CVE-2025-62168squid - security update
from 0, < 4.13-10+deb11u6
HIGH7.5CVE-2024-45802Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
from 0, < 4.13-10+deb11u4
HIGH7.5CVE-2024-25111squid - security update
from 0, < 4.13-10+deb11u4
HIGH7.5CVE-2024-25111squid - security update
from 0, < 4.13-10+deb11u4
HIGH7.5CVE-2024-25617Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2023-50269Squid is a caching proxy for the Web.
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2023-49288Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
from 0
HIGH7.5CVE-2023-49286Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2023-49285Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2023-46728squid - security update
from 0, < 4.13-10+deb11u5
HIGH7.5CVE-2023-46728squid - security update
from 0, < 4.13-10+deb11u5
HIGH7.5CVE-2023-5824squid - security update
from 0, < 5.7-2+deb12u3
HIGH7.5CVE-2023-5824squid - security update
from 0, < 4.13-10+deb11u5
HIGH7.5CVE-2023-46848Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constr…
from 0, < 5.7-2+deb12u1
HIGH7.5CVE-2023-46847Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary d…
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2023-46724squid - security update
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2023-46724squid - security update
from 0, < 4.13-10+deb11u3
HIGH7.5CVE-2021-41611An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2.
from 0, < 5.2-1
HIGH7.5CVE-2021-28651squid - security update
from 0, < 4.6-1+deb10u6
HIGH7.5CVE-2021-28651squid - security update
from 0, < 4.13-10
HIGH7.5CVE-2020-24606Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during hand…
from 0, < 4.13-1
HIGH7.5CVE-2020-14058An issue was discovered in Squid before 4.12 and 5.x before 5.0.3.
from 0, < 4.12-1
HIGH7.5CVE-2019-12520An issue was discovered in Squid through 4.7 and 5.
from 0, < 4.8-1
HIGH7.5CVE-2019-12528An issue was discovered in Squid before 4.10.
from 0, < 4.10-1
HIGH7.5CVE-2020-8517An issue was discovered in Squid before 4.10.
from 0, < 4.10-1
HIGH7.5CVE-2020-8449An issue was discovered in Squid before 4.10.
from 0, < 4.10-1
HIGH7.5CVE-2019-18679An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8.
from 0, < 4.9-1
HIGH7.5CVE-2019-18676An issue was discovered in Squid 3.x and 4.x through 4.8.
from 0, < 4.9-1
HIGH7.5CVE-2019-12854Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory.
from 0, < 4.8-1
HIGH7.5CVE-2018-1000027squid - security update
from 0, < 2.7.STABLE9-4.1+deb7u3
HIGH7.5CVE-2018-1000027squid - security update
from 0, < 4.1-1
HIGH7.5CVE-2018-1000024squid3 - security update
from 0, < 4.1-1
HIGH7.5CVE-2016-3948squid3 - security update
from 0, < 4.1-1
HIGH7.3CVE-2020-8450An issue was discovered in Squid before 4.10.
from 0, < 4.10-1
MEDIUM6.5CVE-2026-33515Squid is a caching proxy for the Web.
from 0
MEDIUM6.5CVE-2024-23638Squid is a caching proxy for the Web.
from 0, < 4.13-10+deb11u3
MEDIUM6.5CVE-2022-41317squid - security update
from 0, < 4.13-10+deb11u2
MEDIUM6.5CVE-2022-41317squid - security update
from 0, < 4.13-10+deb11u2
MEDIUM6.5CVE-2022-41317squid - security update
from 0, < 4.6-1+deb10u8
MEDIUM6.5CVE-2021-46784In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when pr…
from 0, < 4.13-10+deb11u1
MEDIUM6.5CVE-2021-31807An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
from 0, < 4.13-10
MEDIUM6.5CVE-2021-33620Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HT…
from 0, < 4.13-10
MEDIUM6.5CVE-2021-31808An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
from 0, < 4.13-10
MEDIUM6.5CVE-2021-31806An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
from 0, < 4.13-10
MEDIUM6.5CVE-2021-28662An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6.
from 0, < 4.13-10
MEDIUM6.5CVE-2020-15811An issue was discovered in Squid before 4.13 and 5.x before 5.0.4.
from 0, < 4.13-1
MEDIUM6.5CVE-2020-15810squid - security update
from 0, < 4.13-1
MEDIUM6.5CVE-2020-15810squid - security update
from 0, < 4.6-1+deb10u4
MEDIUM6.3CVE-2024-37894squid - security update
from 0, < 5.7-2+deb12u2
MEDIUM6.3CVE-2024-37894squid - security update
from 0, < 4.13-10+deb11u4
MEDIUM6.1CVE-2019-18860squid - security update
from 0, < 4.9-1
MEDIUM6.1CVE-2019-18860squid - security update
from 0, < 4.6-1+deb10u3
MEDIUM6.1CVE-2019-18677An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not pro…
from 0, < 4.9-1
MEDIUM6.1CVE-2019-13345squid3 - security update
from 0, < 4.8-1
MEDIUM6.1CVE-2018-19131Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
from 0, < 4.4-1
MEDIUM5.9CVE-2019-12521An issue was discovered in Squid through 4.7.
from 0, < 4.11-1
MEDIUM5.9CVE-2019-12529An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7.
from 0, < 4.8-1
MEDIUM5.9CVE-2018-19132squid3 - security update
from 0, < 4.4-1
MEDIUM5.9CVE-2018-1172This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-201803…
from 0, < 4.1-1
MEDIUM5.9CVE-2016-2390The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake er…
from 0, < 4.1-1
MEDIUM5.3CVE-2023-46846squid - security update
from 0, < 4.13-10+deb11u3
MEDIUM5.3CVE-2023-46846squid - security update
from 0, < 4.6-1+deb10u9
MEDIUM5.3CVE-2021-28116squid - security update
from 0, < 4.13-10+deb11u1
MEDIUM5.3CVE-2021-28116squid - security update
from 0, < 4.6-1+deb10u7
MEDIUM5.3CVE-2019-18678An issue was discovered in Squid 3.x and 4.x through 4.8.
from 0, < 4.9-1
MEDIUM4.9CVE-2021-28652An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
from 0, < 4.13-10
MEDIUM4.5CVE-2019-12522An issue was discovered in Squid through 4.7.
from 0
MEDIUM4.0CVE-2025-59362squid - security update
from 0, < 4.13-10+deb11u6
MEDIUM4.0CVE-2025-59362squid - security update
from 0, < 4.13-10+deb11u6
—CVE-2015-5400squid3 - security update
from 0, < 4.1-1
—CVE-2015-3455Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do…
from 0, < 4.1-1
—CVE-2015-0881CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response split…
from 0, < 4.1-1
—CVE-2014-7142The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a cra…
from 0, < 4.1-1
—CVE-2014-7141The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds re…
from 0, < 4.1-1
—CVE-2014-6270Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attacke…
from 0, < 4.1-1
—CVE-2014-3609squid - security update
from 0, < 2.7.STABLE9-2.1+deb6u1
—CVE-2014-3609squid - security update
from 0, < 2.7.STABLE9-5
—CVE-2014-3609squid - security update
from 0, < 2.7.STABLE9-4.1+deb7u1
—CVE-2013-0189cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (re…
from 0, < 2.7.STABLE9-2
—CVE-2012-5643squid3 - denial of service
from 0, < 2.7.STABLE9-2
—CVE-2010-0639The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STAB…
from 0, < 2.7.STABLE8-1
—CVE-2010-0308lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assert…
from 0, < 2.7.STABLE8-1
—CVE-2009-2855squid squid3 - denial of service
from 0, < 2.7.STABLE7-1
—CVE-2009-2855squid squid3 - denial of service
from 0, < 2.6.5-6etch5
—CVE-2009-0801Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attac…
from 0, < 4.1-1
—CVE-2009-0478squid3 - denial of service
from 0, < 2.7.STABLE3-4.1
—CVE-2008-1612The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vecto…
from 0, < 2.6.18-1
—CVE-2007-6239squid - array bounds check
from 0, < 2.6.5-6etch4
—CVE-2007-6239squid - array bounds check
from 0, < 2.6.17-1
—CVE-2007-6239squid - array bounds check
from 0, < 2.6.5-6etch1
—CVE-2007-1560The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of serv…
from 0, < 2.6.5-6
—CVE-2007-0248The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an extern…
from 0, < 2.6.5-4
—CVE-2007-0247squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory li…
from 0, < 2.6.5-4
—CVE-2005-2917squid - several
from 0, < 2.5.10-7
—CVE-2005-2917squid - several
from 0, < 2.5.9-10sarge2
—CVE-2005-2796The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentati…
from 0, < 2.5.10-5
—CVE-2005-2794squid - assertion error
from 0, < 2.4.6-2woody11
—CVE-2005-2794squid - assertion error
from 0, < 2.5.9-10sarge1
—CVE-2005-2794squid - assertion error
from 0, < 2.5.10-5
—CVE-2005-1519squid - IP spoofing
from 0, < 2.5.9-9
—CVE-2005-1519squid - IP spoofing
from 0, < 2.4.6-2woody9
—CVE-2005-0194Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth…
from 0, < 2.5.7-7
—CVE-2005-0446squid - mising input sanitising
from 0, < 2.4.6-2woody7
—CVE-2005-0173squid - several
from 0, < 2.4.6-2woody6
—CVE-2005-1345squid - design flaw
from 0, < 2.4.6-2woody8
—CVE-2005-0446squid - mising input sanitising
from 0, < 2.5.8-3
—CVE-2005-1345squid - design flaw
from 0, < 2.5.9-7
—CVE-2005-0173squid - several
from 0, < 2.5.7-4
—CVE-2005-0241The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling…
from 0, < 2.5.7-7
—CVE-2005-0211Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitra…
from 0, < 2.5.7-6
—CVE-2005-0718Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a…
from 0, < 2.5.8
—CVE-2005-0626Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may…
from 0, < 2.5.9-2
—CVE-2005-0174Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP…
from 0, < 2.5.7-6
—CVE-2005-0175Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
from 0, < 2.5.7-6
—CVE-2004-0918The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a d…
from 0, < 2.5.7
—CVE-2005-0096Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory…
from 0, < 2.5.7-4
—CVE-2005-0094squid - buffer overflow, integer overflow
from 0, < 2.4.6-2woody5
—CVE-2005-0094squid - buffer overflow, integer overflow
from 0, < 2.5.7-4
—CVE-2005-0095The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed W…
from 0, < 2.5.7-4
—CVE-2005-0097The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type…
from 0, < 2.5.7-4
—CVE-2004-2479Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS…
from 0, < 2.5.8
—CVE-2004-2480Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a…
from 0, < 2.5
—CVE-2004-2654The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of serv…
from 0, < 2.5.6
—CVE-2004-0832The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote atta…
from 0, < 2.5.6-8
—CVE-2004-0541Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM hand…
from 0, < 2.5.5-5
—CVE-2004-0189squid - ACL bypass
from 0, < 2.4.6-2woody2
—CVE-2004-0189squid - ACL bypass
from 0, < 2.5.5-1
—CVE-2002-0916Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and…
from 0, < 2.4.7
—CVE-2002-0715Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy…
from 0, < 2.4.6-2
—CVE-2002-0714FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows r…
from 0, < 2.4.6
—CVE-2002-0713Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary cod…
from 0, < 2.4.6-2
—CVE-1999-0710squid - multiple
from 0, < 2.5.7-1
—CVE-1999-0710squid - multiple
from 0, < 2.4.6-2woody4