Количество 11
Количество 11
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests f ...
GHSA-wwv6-9vqw-fwxx
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
BDU:2020-02595
Уязвимость прокси-сервера Squid, связанная с отсутствием механизма аутентификации для url_regex, позволяющая нарушителю получить доступ к заблокированному ресурсу
ELSA-2022-22254
ELSA-2022-22254: squid security update (IMPORTANT)
SUSE-SU-2020:1227-1
Security update for squid
RLSA-2020:4743
Moderate: squid:4 security, bug fix, and enhancement update
ELSA-2020-4743
ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2020:14460-1
Security update for squid3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-12524 An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource. | CVSS3: 9.8 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-12524 An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource. | CVSS3: 5.3 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-12524 An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource. | CVSS3: 9.8 | 1% Низкий | больше 5 лет назад |
| CVE-2019-12524 An issue was discovered in Squid through 4.7. When handling requests f ... | CVSS3: 9.8 | 1% Низкий | больше 5 лет назад |
| GHSA-wwv6-9vqw-fwxx An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource. | 1% Низкий | около 3 лет назад | |
 | BDU:2020-02595 Уязвимость прокси-сервера Squid, связанная с отсутствием механизма аутентификации для url_regex, позволяющая нарушителю получить доступ к заблокированному ресурсу | CVSS2: 7.5 | 1% Низкий | больше 5 лет назад |
| ELSA-2022-22254 ELSA-2022-22254: squid security update (IMPORTANT) | почти 3 года назад | ||
 | SUSE-SU-2020:1227-1 Security update for squid | больше 5 лет назад | ||
 | RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update | почти 5 лет назад | ||
| ELSA-2020-4743 ELSA-2020-4743: squid:4 security, bug fix, and enhancement update (MODERATE) | почти 5 лет назад | ||
| SUSE-SU-2020:14460-1 Security update for squid3 | почти 5 лет назад |
Уязвимостей на страницу