Количество 14
Количество 14
GHSA-4h4q-q4v8-2vq3
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18679
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18679
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18679
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18679
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to ...
BDU:2021-01719
Уязвимость механизма HTTP дайджест-аутентификации прокси-сервера Squid, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
SUSE-SU-2019:3067-1
Security update for squid
SUSE-SU-2020:0661-1
Security update for squid
openSUSE-SU-2019:2541-1
Security update for squid
openSUSE-SU-2019:2540-1
Security update for squid
SUSE-SU-2019:2975-1
Security update for squid
RLSA-2020:4743
Moderate: squid:4 security, bug fix, and enhancement update
ELSA-2020-4743
ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2020:14460-1
Security update for squid3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-4h4q-q4v8-2vq3 An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | 68% Средний | около 3 лет назад | |
 | CVE-2019-18679 An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | CVSS3: 7.5 | 68% Средний | больше 5 лет назад |
 | CVE-2019-18679 An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | CVSS3: 5.9 | 68% Средний | больше 5 лет назад |
 | CVE-2019-18679 An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | CVSS3: 7.5 | 68% Средний | больше 5 лет назад |
| CVE-2019-18679 An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to ... | CVSS3: 7.5 | 68% Средний | больше 5 лет назад |
 | BDU:2021-01719 Уязвимость механизма HTTP дайджест-аутентификации прокси-сервера Squid, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным | CVSS3: 7.5 | 68% Средний | больше 5 лет назад |
 | SUSE-SU-2019:3067-1 Security update for squid | больше 5 лет назад | ||
| SUSE-SU-2020:0661-1 Security update for squid | больше 5 лет назад | ||
| openSUSE-SU-2019:2541-1 Security update for squid | больше 5 лет назад | ||
| openSUSE-SU-2019:2540-1 Security update for squid | больше 5 лет назад | ||
| SUSE-SU-2019:2975-1 Security update for squid | больше 5 лет назад | ||
 | RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update | больше 4 лет назад | ||
| ELSA-2020-4743 ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE) | больше 4 лет назад | ||
| SUSE-SU-2020:14460-1 Security update for squid3 | почти 5 лет назад |
Уязвимостей на страницу