Количество 14
Количество 14
CVE-2019-12525
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12525
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12525
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12525
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through ...
GHSA-wxh3-97xf-wv5x
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
BDU:2020-02395
Уязвимость компонента Proxy-Authentication прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
SUSE-SU-2019:2089-1
Security update for squid
RLSA-2020:2041
Important: squid:4 security update
ELSA-2020-2041
ELSA-2020-2041: squid:4 security update (IMPORTANT)
ELSA-2020-2040
ELSA-2020-2040: squid security update (IMPORTANT)
openSUSE-SU-2019:2541-1
Security update for squid
openSUSE-SU-2019:2540-1
Security update for squid
SUSE-SU-2019:2975-1
Security update for squid
SUSE-SU-2020:14460-1
Security update for squid3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-12525 An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1. | CVSS3: 9.8 | 55% Средний | больше 6 лет назад |
 | CVE-2019-12525 An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1. | CVSS3: 4.3 | 55% Средний | больше 6 лет назад |
 | CVE-2019-12525 An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1. | CVSS3: 9.8 | 55% Средний | больше 6 лет назад |
| CVE-2019-12525 An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through ... | CVSS3: 9.8 | 55% Средний | больше 6 лет назад |
| GHSA-wxh3-97xf-wv5x An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1. | CVSS3: 9.8 | 55% Средний | больше 3 лет назад |
 | BDU:2020-02395 Уязвимость компонента Proxy-Authentication прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код | CVSS3: 9.8 | 55% Средний | больше 6 лет назад |
 | SUSE-SU-2019:2089-1 Security update for squid | больше 6 лет назад | ||
 | RLSA-2020:2041 Important: squid:4 security update | больше 5 лет назад | ||
| ELSA-2020-2041 ELSA-2020-2041: squid:4 security update (IMPORTANT) | больше 5 лет назад | ||
| ELSA-2020-2040 ELSA-2020-2040: squid security update (IMPORTANT) | больше 5 лет назад | ||
| openSUSE-SU-2019:2541-1 Security update for squid | около 6 лет назад | ||
| openSUSE-SU-2019:2540-1 Security update for squid | около 6 лет назад | ||
| SUSE-SU-2019:2975-1 Security update for squid | около 6 лет назад | ||
| SUSE-SU-2020:14460-1 Security update for squid3 | больше 5 лет назад |
Уязвимостей на страницу