Количество 14
Количество 14
CVE-2019-12519
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2019-12519
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2019-12519
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2019-12519
An issue was discovered in Squid through 4.7. When handling the tag es ...
GHSA-2398-fmp4-7w9h
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
BDU:2021-01747
Уязвимость функции ESIExpression:: Evaluate прокси-сервера Squid, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
RLSA-2020:2041
Important: squid:4 security update
ELSA-2020-2041
ELSA-2020-2041: squid:4 security update (IMPORTANT)
ELSA-2020-2040
ELSA-2020-2040: squid security update (IMPORTANT)
SUSE-SU-2020:1227-1
Security update for squid
openSUSE-SU-2020:0623-1
Security update for squid
SUSE-SU-2020:1156-1
Security update for squid
SUSE-SU-2020:1134-1
Security update for squid
SUSE-SU-2020:14460-1
Security update for squid3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow. | CVSS3: 9.8 | 6% Низкий | около 5 лет назад |
 | CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow. | CVSS3: 8.1 | 6% Низкий | около 5 лет назад |
 | CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow. | CVSS3: 9.8 | 6% Низкий | около 5 лет назад |
| CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag es ... | CVSS3: 9.8 | 6% Низкий | около 5 лет назад |
| GHSA-2398-fmp4-7w9h An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow. | 6% Низкий | около 3 лет назад | |
 | BDU:2021-01747 Уязвимость функции ESIExpression:: Evaluate прокси-сервера Squid, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 9.8 | 6% Низкий | около 5 лет назад |
 | RLSA-2020:2041 Important: squid:4 security update | около 5 лет назад | ||
| ELSA-2020-2041 ELSA-2020-2041: squid:4 security update (IMPORTANT) | около 5 лет назад | ||
| ELSA-2020-2040 ELSA-2020-2040: squid security update (IMPORTANT) | около 5 лет назад | ||
 | SUSE-SU-2020:1227-1 Security update for squid | около 5 лет назад | ||
| openSUSE-SU-2020:0623-1 Security update for squid | около 5 лет назад | ||
| SUSE-SU-2020:1156-1 Security update for squid | около 5 лет назад | ||
| SUSE-SU-2020:1134-1 Security update for squid | около 5 лет назад | ||
| SUSE-SU-2020:14460-1 Security update for squid3 | почти 5 лет назад |
Уязвимостей на страницу