{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","type":"deb","namespace":"debian","name":"squid","version":"4.13-10+deb11u3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.13-10+deb11u4","latest_non_vulnerable_version":"7.5-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64300?format=json","vulnerability_id":"VCID-5tpw-u7cg-hqd7","summary":"squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33526.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33526","reference_id":"","reference_type":"","scores":[{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80755","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33526"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451574","reference_id":"2451574","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451574"},{"reference_url":"https://github.com/squid-cache/squid/commit/8a7d42f9d44befb8fcbbb619505587c8de6a1e91","reference_id":"8a7d42f9d44befb8fcbbb619505587c8de6a1e91","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:20:32Z/"}],"url":"https://github.com/squid-cache/squid/commit/8a7d42f9d44befb8fcbbb619505587c8de6a1e91"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-hpfx-h48q-gvwg","reference_id":"GHSA-hpfx-h48q-gvwg","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:20:32Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-hpfx-h48q-gvwg"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10255","reference_id":"RHSA-2026:10255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10256","reference_id":"RHSA-2026:10256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10257","reference_id":"RHSA-2026:10257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11901","reference_id":"RHSA-2026:11901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20564","reference_id":"RHSA-2026:20564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20565","reference_id":"RHSA-2026:20565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20580","reference_id":"RHSA-2026:20580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6301","reference_id":"RHSA-2026:6301","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6301"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8119","reference_id":"RHSA-2026:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8317","reference_id":"RHSA-2026:8317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8880","reference_id":"RHSA-2026:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9220","reference_id":"RHSA-2026:9220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9220"},{"reference_url":"https://usn.ubuntu.com/8157-1/","reference_id":"USN-8157-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8157-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2026-33526"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tpw-u7cg-hqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91793?format=json","vulnerability_id":"VCID-7sua-wuyu-cqby","summary":"squid: Use-After-Free in the HTTP Collapsed Forwarding Feature","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49288.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49288.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49288","reference_id":"","reference_type":"","scores":[{"value":"0.02101","scoring_system":"epss","scoring_elements":"0.84402","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252918","reference_id":"2252918","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252918"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","reference_id":"A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-rj5h-46j6-q2g5","reference_id":"GHSA-rj5h-46j6-q2g5","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:35Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-rj5h-46j6-q2g5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","reference_id":"MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240119-0006/","reference_id":"ntap-20240119-0006","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240119-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7465","reference_id":"RHSA-2023:7465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7668","reference_id":"RHSA-2023:7668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7668"},{"reference_url":"https://usn.ubuntu.com/6728-1/","reference_id":"USN-6728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-1/"},{"reference_url":"https://usn.ubuntu.com/6728-3/","reference_id":"USN-6728-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129636?format=json","purl":"pkg:deb/debian/squid@6.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-49288"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7sua-wuyu-cqby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64304?format=json","vulnerability_id":"VCID-pshb-b8z8-gqhm","summary":"Squid: Squid: Information disclosure via improper input validation in ICP traffic","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33515.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33515.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33515","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13884","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33515"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/squid-cache/squid/pull/2220","reference_id":"2220","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:19:33Z/"}],"url":"https://github.com/squid-cache/squid/pull/2220"},{"reference_url":"https://github.com/squid-cache/squid/pull/2220#discussion_r2727683637","reference_id":"2220#discussion_r2727683637","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:19:33Z/"}],"url":"https://github.com/squid-cache/squid/pull/2220#discussion_r2727683637"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451581","reference_id":"2451581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451581"},{"reference_url":"https://github.com/squid-cache/squid/commit/8138e909d2058d4401e0ad49b583afaec912b165","reference_id":"8138e909d2058d4401e0ad49b583afaec912b165","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:19:33Z/"}],"url":"https://github.com/squid-cache/squid/commit/8138e909d2058d4401e0ad49b583afaec912b165"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-84p4-hcx7-jj7c","reference_id":"GHSA-84p4-hcx7-jj7c","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:19:33Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-84p4-hcx7-jj7c"},{"reference_url":"https://usn.ubuntu.com/8157-1/","reference_id":"USN-8157-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8157-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2026-33515"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pshb-b8z8-gqhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101455?format=json","vulnerability_id":"VCID-qyjc-znbd-dub6","summary":"Windows NTLM V1 Elevation of Privilege Vulnerability","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21311","reference_id":"","reference_type":"","scores":[{"value":"0.04422","scoring_system":"epss","scoring_elements":"0.89233","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21311"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21311","reference_id":"CVE-2025-21311","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-14T20:58:33Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21311"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129657?format=json","purl":"pkg:deb/debian/squid@7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2025-21311"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qyjc-znbd-dub6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64305?format=json","vulnerability_id":"VCID-rv56-tjvg-bbbc","summary":"Squid: Squid: Denial of Service via crafted ICP traffic","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32748.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32748","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.4348","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451577","reference_id":"2451577","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451577"},{"reference_url":"https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b","reference_id":"703e07d25ca6fa11f52d20bf0bb879e22ab7481b","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:19:13Z/"}],"url":"https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq","reference_id":"GHSA-f9p7-3jqg-hhvq","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:19:13Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10255","reference_id":"RHSA-2026:10255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10256","reference_id":"RHSA-2026:10256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10257","reference_id":"RHSA-2026:10257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11901","reference_id":"RHSA-2026:11901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20564","reference_id":"RHSA-2026:20564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20565","reference_id":"RHSA-2026:20565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20580","reference_id":"RHSA-2026:20580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6301","reference_id":"RHSA-2026:6301","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6301"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8119","reference_id":"RHSA-2026:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8317","reference_id":"RHSA-2026:8317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8880","reference_id":"RHSA-2026:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9220","reference_id":"RHSA-2026:9220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9220"},{"reference_url":"https://usn.ubuntu.com/8157-1/","reference_id":"USN-8157-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8157-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2026-32748"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rv56-tjvg-bbbc"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5477?format=json","vulnerability_id":"VCID-1krf-hhrn-tfdd","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31806.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31806","reference_id":"","reference_type":"","scores":[{"value":"0.85178","scoring_system":"epss","scoring_elements":"0.99372","published_at":"2026-06-04T12:55:00Z"},{"value":"0.85178","scoring_system":"epss","scoring_elements":"0.99374","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962595","reference_id":"1962595","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962595"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989043","reference_id":"989043","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989043"},{"reference_url":"https://security.archlinux.org/AVG-1975","reference_id":"AVG-1975","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1975"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-31806"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1krf-hhrn-tfdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101441?format=json","vulnerability_id":"VCID-1qpe-g66r-r7d5","summary":"An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15810.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15810","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35927","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36022","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871700","reference_id":"1871700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871700"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968934","reference_id":"968934","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3623","reference_id":"RHSA-2020:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://usn.ubuntu.com/4477-1/","reference_id":"USN-4477-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4477-1/"},{"reference_url":"https://usn.ubuntu.com/4551-1/","reference_id":"USN-4551-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4551-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129616?format=json","purl":"pkg:deb/debian/squid@4.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15810"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qpe-g66r-r7d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101338?format=json","vulnerability_id":"VCID-1r8b-ykhg-9bar","summary":"Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0735","reference_id":"","reference_type":"","scores":[{"value":"0.0175","scoring_system":"epss","scoring_elements":"0.82901","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0175","scoring_system":"epss","scoring_elements":"0.82928","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0735"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2002-0735"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1r8b-ykhg-9bar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101354?format=json","vulnerability_id":"VCID-1xuh-awaq-rybw","summary":"squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0173.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0173.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0173","reference_id":"","reference_type":"","scores":[{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82578","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82605","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0173"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0173","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0173"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617478","reference_id":"1617478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/77-1/","reference_id":"USN-77-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/77-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129569?format=json","purl":"pkg:deb/debian/squid@2.5.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0173"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1xuh-awaq-rybw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101376?format=json","vulnerability_id":"VCID-21hf-pjhc-gkek","summary":"The \"cache update reply processing\" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6239.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6239","reference_id":"","reference_type":"","scores":[{"value":"0.08998","scoring_system":"epss","scoring_elements":"0.92766","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08998","scoring_system":"epss","scoring_elements":"0.92779","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=410181","reference_id":"410181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=410181"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=455910","reference_id":"455910","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=455910"},{"reference_url":"https://security.gentoo.org/glsa/200801-05","reference_id":"GLSA-200801-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200801-05"},{"reference_url":"https://security.gentoo.org/glsa/200903-38","reference_id":"GLSA-200903-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1130","reference_id":"RHSA-2007:1130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1130"},{"reference_url":"https://usn.ubuntu.com/565-1/","reference_id":"USN-565-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/565-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129585?format=json","purl":"pkg:deb/debian/squid@2.6.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.6.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2007-6239"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21hf-pjhc-gkek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101412?format=json","vulnerability_id":"VCID-2fq8-mupa-gfc9","summary":"Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4054.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4054.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4054","reference_id":"","reference_type":"","scores":[{"value":"0.79915","scoring_system":"epss","scoring_elements":"0.99128","published_at":"2026-06-04T12:55:00Z"},{"value":"0.79915","scoring_system":"epss","scoring_elements":"0.99129","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329136","reference_id":"1329136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329136"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1138","reference_id":"RHSA-2016:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4054"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fq8-mupa-gfc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101448?format=json","vulnerability_id":"VCID-2wzr-qudp-a7ff","summary":"An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8517.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8517","reference_id":"","reference_type":"","scores":[{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74874","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74903","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798545","reference_id":"1798545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798545"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://usn.ubuntu.com/4289-1/","reference_id":"USN-4289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129609?format=json","purl":"pkg:deb/debian/squid@4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8517"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wzr-qudp-a7ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90948?format=json","vulnerability_id":"VCID-2x42-wmes-2uen","summary":"squid: Denial of Service in HTTP Chunked Decoding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25111.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25111","reference_id":"","reference_type":"","scores":[{"value":"0.03051","scoring_system":"epss","scoring_elements":"0.86967","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268366","reference_id":"2268366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268366"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7R4KPSO3MQT3KAOZV7LC2GG3CYMCGK7H/","reference_id":"7R4KPSO3MQT3KAOZV7LC2GG3CYMCGK7H","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-25T16:32:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7R4KPSO3MQT3KAOZV7LC2GG3CYMCGK7H/"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc","reference_id":"GHSA-72c2-c3wm-8qxc","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-25T16:32:12Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240605-0001/","reference_id":"ntap-20240605-0001","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-25T16:32:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240605-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1375","reference_id":"RHSA-2024:1375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1376","reference_id":"RHSA-2024:1376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1479","reference_id":"RHSA-2024:1479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1515","reference_id":"RHSA-2024:1515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1832","reference_id":"RHSA-2024:1832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1833","reference_id":"RHSA-2024:1833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2777","reference_id":"RHSA-2024:2777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2822","reference_id":"RHSA-2024:2822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2822"},{"reference_url":"http://www.squid-cache.org/Versions/v6/SQUID-2024_1.patch","reference_id":"SQUID-2024_1.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-25T16:32:12Z/"}],"url":"http://www.squid-cache.org/Versions/v6/SQUID-2024_1.patch"},{"reference_url":"https://usn.ubuntu.com/6728-1/","reference_id":"USN-6728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWQHRDRHDM5PQTU6BHH4C5KGL37X6TVI/","reference_id":"XWQHRDRHDM5PQTU6BHH4C5KGL37X6TVI","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-25T16:32:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWQHRDRHDM5PQTU6BHH4C5KGL37X6TVI/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129652?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129653?format=json","purl":"pkg:deb/debian/squid@6.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2024-25111"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2x42-wmes-2uen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101410?format=json","vulnerability_id":"VCID-2zct-5w44-gkag","summary":"Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4053","reference_id":"","reference_type":"","scores":[{"value":"0.16544","scoring_system":"epss","scoring_elements":"0.95028","published_at":"2026-06-04T12:55:00Z"},{"value":"0.16544","scoring_system":"epss","scoring_elements":"0.95037","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329136","reference_id":"1329136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329136"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1138","reference_id":"RHSA-2016:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4053"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zct-5w44-gkag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101333?format=json","vulnerability_id":"VCID-39fn-vfvp-j3gp","summary":"Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0713.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0713","reference_id":"","reference_type":"","scores":[{"value":"0.01341","scoring_system":"epss","scoring_elements":"0.80354","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01341","scoring_system":"epss","scoring_elements":"0.80379","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0713"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616800","reference_id":"1616800","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:051","reference_id":"RHSA-2002:051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:130","reference_id":"RHSA-2002:130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129557?format=json","purl":"pkg:deb/debian/squid@2.4.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.4.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2002-0713"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39fn-vfvp-j3gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101364?format=json","vulnerability_id":"VCID-3c8n-ttbh-5yhm","summary":"Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1345.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1345.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1345","reference_id":"","reference_type":"","scores":[{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40973","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41049","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1345"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617631","reference_id":"1617631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:415","reference_id":"RHSA-2005:415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:415"},{"reference_url":"https://usn.ubuntu.com/122-1/","reference_id":"USN-122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129576?format=json","purl":"pkg:deb/debian/squid@2.5.9-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.9-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-1345"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3c8n-ttbh-5yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101386?format=json","vulnerability_id":"VCID-3nbz-gtse-vfcz","summary":"Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response.  NOTE: This issue exists because of a CVE-2005-0094 regression.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3205.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3205.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3205","reference_id":"","reference_type":"","scores":[{"value":"0.74962","scoring_system":"epss","scoring_elements":"0.98889","published_at":"2026-06-04T12:55:00Z"},{"value":"0.74962","scoring_system":"epss","scoring_elements":"0.98892","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3205"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=734583","reference_id":"734583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=734583"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1293","reference_id":"RHSA-2011:1293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1293"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2011-3205"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nbz-gtse-vfcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101355?format=json","vulnerability_id":"VCID-3nc4-d8r8-w7gr","summary":"Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0174.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0174.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0174","reference_id":"","reference_type":"","scores":[{"value":"0.83332","scoring_system":"epss","scoring_elements":"0.99288","published_at":"2026-06-04T12:55:00Z"},{"value":"0.83332","scoring_system":"epss","scoring_elements":"0.99289","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0174"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0174","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617479","reference_id":"1617479","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/77-1/","reference_id":"USN-77-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/77-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129570?format=json","purl":"pkg:deb/debian/squid@2.5.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0174"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nc4-d8r8-w7gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101335?format=json","vulnerability_id":"VCID-3tg2-re6y-g7gm","summary":"Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0715.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0715.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0715","reference_id":"","reference_type":"","scores":[{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.613","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61348","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0715"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616802","reference_id":"1616802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:051","reference_id":"RHSA-2002:051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:130","reference_id":"RHSA-2002:130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129557?format=json","purl":"pkg:deb/debian/squid@2.4.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.4.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2002-0715"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3tg2-re6y-g7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101357?format=json","vulnerability_id":"VCID-3uxw-bjux-kkad","summary":"Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0194","reference_id":"","reference_type":"","scores":[{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71409","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71453","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0194"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0194","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0194"},{"reference_url":"https://usn.ubuntu.com/84-1/","reference_id":"USN-84-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/84-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129571?format=json","purl":"pkg:deb/debian/squid@2.5.7-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0194"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uxw-bjux-kkad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101409?format=json","vulnerability_id":"VCID-4238-kt68-byew","summary":"Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4052.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4052.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4052","reference_id":"","reference_type":"","scores":[{"value":"0.23622","scoring_system":"epss","scoring_elements":"0.96087","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23622","scoring_system":"epss","scoring_elements":"0.96092","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329136","reference_id":"1329136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329136"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1138","reference_id":"RHSA-2016:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4052"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4238-kt68-byew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3981?format=json","vulnerability_id":"VCID-43hy-vgzs-e7ek","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12519.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12519","reference_id":"","reference_type":"","scores":[{"value":"0.07536","scoring_system":"epss","scoring_elements":"0.91959","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07536","scoring_system":"epss","scoring_elements":"0.91972","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827552","reference_id":"1827552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827552"},{"reference_url":"https://security.archlinux.org/AVG-1146","reference_id":"AVG-1146","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1146"},{"reference_url":"https://security.gentoo.org/glsa/202005-05","reference_id":"GLSA-202005-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2038","reference_id":"RHSA-2020:2038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2039","reference_id":"RHSA-2020:2039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2040","reference_id":"RHSA-2020:2040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2041","reference_id":"RHSA-2020:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2041"},{"reference_url":"https://usn.ubuntu.com/4356-1/","reference_id":"USN-4356-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4356-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129603?format=json","purl":"pkg:deb/debian/squid@4.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12519"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43hy-vgzs-e7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101419?format=json","vulnerability_id":"VCID-482d-pvjx-aya1","summary":"This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Was ZDI-CAN-6088.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1172.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1172.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1172","reference_id":"","reference_type":"","scores":[{"value":"0.08729","scoring_system":"epss","scoring_elements":"0.92643","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08729","scoring_system":"epss","scoring_elements":"0.92655","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1172"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1172","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1172"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569424","reference_id":"1569424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569424"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1172"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-482d-pvjx-aya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101446?format=json","vulnerability_id":"VCID-4yrg-ns3w-77af","summary":"An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8450.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8450","reference_id":"","reference_type":"","scores":[{"value":"0.46309","scoring_system":"epss","scoring_elements":"0.97713","published_at":"2026-06-04T12:55:00Z"},{"value":"0.46309","scoring_system":"epss","scoring_elements":"0.97717","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798552","reference_id":"1798552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798552"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802","reference_id":"950802","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4289-1/","reference_id":"USN-4289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129609?format=json","purl":"pkg:deb/debian/squid@4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8450"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yrg-ns3w-77af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101358?format=json","vulnerability_id":"VCID-53jt-gwr4-8kgt","summary":"Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0211.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0211.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0211","reference_id":"","reference_type":"","scores":[{"value":"0.45323","scoring_system":"epss","scoring_elements":"0.97669","published_at":"2026-06-04T12:55:00Z"},{"value":"0.45323","scoring_system":"epss","scoring_elements":"0.97673","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0211"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617498","reference_id":"1617498","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/77-1/","reference_id":"USN-77-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/77-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129570?format=json","purl":"pkg:deb/debian/squid@2.5.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0211"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53jt-gwr4-8kgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101398?format=json","vulnerability_id":"VCID-542u-f6fr-8uee","summary":"CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0881.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0881.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0881","reference_id":"","reference_type":"","scores":[{"value":"0.04383","scoring_system":"epss","scoring_elements":"0.89167","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04383","scoring_system":"epss","scoring_elements":"0.89184","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0881"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1199518","reference_id":"1199518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1199518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0881"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-542u-f6fr-8uee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101382?format=json","vulnerability_id":"VCID-5acx-thb8-vfdn","summary":"The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2855.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2855","reference_id":"","reference_type":"","scores":[{"value":"0.60658","scoring_system":"epss","scoring_elements":"0.98317","published_at":"2026-06-04T12:55:00Z"},{"value":"0.60658","scoring_system":"epss","scoring_elements":"0.9832","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=518182","reference_id":"518182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=518182"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534982","reference_id":"534982","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534982"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0221","reference_id":"RHSA-2010:0221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0221"},{"reference_url":"https://usn.ubuntu.com/901-1/","reference_id":"USN-901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/901-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129590?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2855"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5acx-thb8-vfdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101400?format=json","vulnerability_id":"VCID-5f1a-x42j-eqhg","summary":"Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5400.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5400.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5400","reference_id":"","reference_type":"","scores":[{"value":"0.24696","scoring_system":"epss","scoring_elements":"0.96242","published_at":"2026-06-04T12:55:00Z"},{"value":"0.24696","scoring_system":"epss","scoring_elements":"0.96247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5400"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1240741","reference_id":"1240741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1240741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5400"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5f1a-x42j-eqhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3185?format=json","vulnerability_id":"VCID-5shc-4uzx-5yf8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41318.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41318.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41318","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33946","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33843","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41318"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020586","reference_id":"1020586","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020586"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/09/23/2","reference_id":"2","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:15:32Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/09/23/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129771","reference_id":"2129771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129771"},{"reference_url":"https://security.archlinux.org/AVG-2816","reference_id":"AVG-2816","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2816"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78","reference_id":"GHSA-394c-rr7q-6g78","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:15:32Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6774","reference_id":"RHSA-2022:6774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6775","reference_id":"RHSA-2022:6775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6776","reference_id":"RHSA-2022:6776","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6777","reference_id":"RHSA-2022:6777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6815","reference_id":"RHSA-2022:6815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6839","reference_id":"RHSA-2022:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6839"},{"reference_url":"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch","reference_id":"SQUID-2022_2.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:15:32Z/"}],"url":"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch"},{"reference_url":"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch","reference_id":"SQUID-2022_2.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:15:32Z/"}],"url":"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch"},{"reference_url":"https://usn.ubuntu.com/5641-1/","reference_id":"USN-5641-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5641-1/"},{"reference_url":"https://usn.ubuntu.com/6857-1/","reference_id":"USN-6857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6857-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129629?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129628?format=json","purl":"pkg:deb/debian/squid@5.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2022-41318"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5shc-4uzx-5yf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101373?format=json","vulnerability_id":"VCID-6cdq-k5s3-byaz","summary":"The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0248.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0248.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0248","reference_id":"","reference_type":"","scores":[{"value":"0.52625","scoring_system":"epss","scoring_elements":"0.97993","published_at":"2026-06-04T12:55:00Z"},{"value":"0.52625","scoring_system":"epss","scoring_elements":"0.97996","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0248"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407202","reference_id":"407202","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407202"},{"reference_url":"https://security.gentoo.org/glsa/200701-22","reference_id":"GLSA-200701-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200701-22"},{"reference_url":"https://usn.ubuntu.com/414-1/","reference_id":"USN-414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129582?format=json","purl":"pkg:deb/debian/squid@2.6.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.6.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0248"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cdq-k5s3-byaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101438?format=json","vulnerability_id":"VCID-6hvn-6cuu-duc1","summary":"An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14058.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14058.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14058","reference_id":"","reference_type":"","scores":[{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68129","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68169","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14058"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14058","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14058"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852554","reference_id":"1852554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129615?format=json","purl":"pkg:deb/debian/squid@4.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-14058"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hvn-6cuu-duc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101439?format=json","vulnerability_id":"VCID-6nqw-htvj-gyff","summary":"An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14059.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14059.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14059","reference_id":"","reference_type":"","scores":[{"value":"0.03424","scoring_system":"epss","scoring_elements":"0.87676","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03424","scoring_system":"epss","scoring_elements":"0.87697","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14059"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852558","reference_id":"1852558","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852558"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-14059"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6nqw-htvj-gyff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101367?format=json","vulnerability_id":"VCID-6rbp-pb6j-pbe5","summary":"The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2796.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2796.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2796","reference_id":"","reference_type":"","scores":[{"value":"0.15104","scoring_system":"epss","scoring_elements":"0.94714","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15104","scoring_system":"epss","scoring_elements":"0.94723","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2796"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617755","reference_id":"1617755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617755"},{"reference_url":"https://security.gentoo.org/glsa/200509-06","reference_id":"GLSA-200509-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200509-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:766","reference_id":"RHSA-2005:766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:766"},{"reference_url":"https://usn.ubuntu.com/183-1/","reference_id":"USN-183-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/183-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129579?format=json","purl":"pkg:deb/debian/squid@2.5.10-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.10-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-2796"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rbp-pb6j-pbe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101442?format=json","vulnerability_id":"VCID-6tsh-kmnv-nudz","summary":"An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15811.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15811","reference_id":"","reference_type":"","scores":[{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.39992","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40074","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871702","reference_id":"1871702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968932","reference_id":"968932","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3623","reference_id":"RHSA-2020:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://usn.ubuntu.com/4477-1/","reference_id":"USN-4477-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4477-1/"},{"reference_url":"https://usn.ubuntu.com/4551-1/","reference_id":"USN-4551-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4551-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129616?format=json","purl":"pkg:deb/debian/squid@4.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15811"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tsh-kmnv-nudz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5476?format=json","vulnerability_id":"VCID-761q-x6eb-uyh7","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31807.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31807","reference_id":"","reference_type":"","scores":[{"value":"0.33712","scoring_system":"epss","scoring_elements":"0.97039","published_at":"2026-06-04T12:55:00Z"},{"value":"0.33712","scoring_system":"epss","scoring_elements":"0.97043","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962597","reference_id":"1962597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962597"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989043","reference_id":"989043","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989043"},{"reference_url":"https://security.archlinux.org/AVG-1975","reference_id":"AVG-1975","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1975"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-31807"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-761q-x6eb-uyh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101433?format=json","vulnerability_id":"VCID-78bd-cscn-qqfv","summary":"The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13345.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13345.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13345","reference_id":"","reference_type":"","scores":[{"value":"0.41512","scoring_system":"epss","scoring_elements":"0.97485","published_at":"2026-06-04T12:55:00Z"},{"value":"0.41512","scoring_system":"epss","scoring_elements":"0.97491","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727744","reference_id":"1727744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727744"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931478","reference_id":"931478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3476","reference_id":"RHSA-2019:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1068","reference_id":"RHSA-2020:1068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1068"},{"reference_url":"https://usn.ubuntu.com/4059-1/","reference_id":"USN-4059-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4059-1/"},{"reference_url":"https://usn.ubuntu.com/4059-2/","reference_id":"USN-4059-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4059-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13345"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-78bd-cscn-qqfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5475?format=json","vulnerability_id":"VCID-7d68-mydh-57cm","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31808.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31808","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56255","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962599","reference_id":"1962599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962599"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989043","reference_id":"989043","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989043"},{"reference_url":"https://security.archlinux.org/AVG-1975","reference_id":"AVG-1975","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1975"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-31808"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7d68-mydh-57cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101378?format=json","vulnerability_id":"VCID-7t4c-w47k-qyc9","summary":"Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0478.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0478","reference_id":"","reference_type":"","scores":[{"value":"0.77052","scoring_system":"epss","scoring_elements":"0.98984","published_at":"2026-06-04T12:55:00Z"},{"value":"0.77052","scoring_system":"epss","scoring_elements":"0.98985","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0478"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=484246","reference_id":"484246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=484246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514142","reference_id":"514142","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514142"},{"reference_url":"https://security.gentoo.org/glsa/200903-38","reference_id":"GLSA-200903-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-38"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8021.pl","reference_id":"OSVDB-51810;CVE-2009-0478","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8021.pl"},{"reference_url":"https://usn.ubuntu.com/724-1/","reference_id":"USN-724-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/724-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129587?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE3-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE3-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0478"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7t4c-w47k-qyc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92199?format=json","vulnerability_id":"VCID-7vbt-133y-wkge","summary":"squid: Denial of Service in HTTP Digest Authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46847.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46847.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46847","reference_id":"","reference_type":"","scores":[{"value":"0.38209","scoring_system":"epss","scoring_elements":"0.97314","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055250","reference_id":"1055250","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055250"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245916","reference_id":"2245916","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6266","reference_id":"RHSA-2023:6266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6267","reference_id":"RHSA-2023:6267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6268","reference_id":"RHSA-2023:6268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6748","reference_id":"RHSA-2023:6748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6801","reference_id":"RHSA-2023:6801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6803","reference_id":"RHSA-2023:6803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6804","reference_id":"RHSA-2023:6804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6805","reference_id":"RHSA-2023:6805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6810","reference_id":"RHSA-2023:6810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6882","reference_id":"RHSA-2023:6882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6884","reference_id":"RHSA-2023:6884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7213","reference_id":"RHSA-2023:7213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7576","reference_id":"RHSA-2023:7576","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7578","reference_id":"RHSA-2023:7578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7578"},{"reference_url":"https://usn.ubuntu.com/6500-1/","reference_id":"USN-6500-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-1/"},{"reference_url":"https://usn.ubuntu.com/6500-2/","reference_id":"USN-6500-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46847"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vbt-133y-wkge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93605?format=json","vulnerability_id":"VCID-7xgk-cg81-yyht","summary":"squid: NULL pointer dereference in the gopher protocol code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46728.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46728","reference_id":"","reference_type":"","scores":[{"value":"0.02262","scoring_system":"epss","scoring_elements":"0.8495","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46728"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2248521","reference_id":"2248521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2248521"},{"reference_url":"https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3","reference_id":"6ea12e8fb590ac6959e9356a81aa3370576568c3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:14:28Z/"}],"url":"https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","reference_id":"A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:14:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f","reference_id":"GHSA-cg5h-v6vc-w33f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:14:28Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","reference_id":"MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:14:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231214-0006/","reference_id":"ntap-20231214-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:14:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231214-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0046","reference_id":"RHSA-2024:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0071","reference_id":"RHSA-2024:0071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0072","reference_id":"RHSA-2024:0072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1787","reference_id":"RHSA-2024:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1787"},{"reference_url":"https://usn.ubuntu.com/6500-1/","reference_id":"USN-6500-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-1/"},{"reference_url":"https://usn.ubuntu.com/6500-2/","reference_id":"USN-6500-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129635?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129636?format=json","purl":"pkg:deb/debian/squid@6.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46728"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xgk-cg81-yyht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101444?format=json","vulnerability_id":"VCID-84wx-quwx-p3gr","summary":"An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25097.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25097","reference_id":"","reference_type":"","scores":[{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69366","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69405","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25097"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939925","reference_id":"1939925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939925"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985068","reference_id":"985068","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985068"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1135","reference_id":"RHSA-2021:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1979","reference_id":"RHSA-2021:1979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2025","reference_id":"RHSA-2021:2025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2025"},{"reference_url":"https://usn.ubuntu.com/4895-1/","reference_id":"USN-4895-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4895-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129617?format=json","purl":"pkg:deb/debian/squid@4.13-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25097"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84wx-quwx-p3gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4090?format=json","vulnerability_id":"VCID-8e4d-y6um-pfan","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18678.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18678.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18678","reference_id":"","reference_type":"","scores":[{"value":"0.12526","scoring_system":"epss","scoring_elements":"0.94066","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12526","scoring_system":"epss","scoring_elements":"0.94074","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770349","reference_id":"1770349","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770349"},{"reference_url":"https://security.archlinux.org/ASA-201911-8","reference_id":"ASA-201911-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-8"},{"reference_url":"https://security.archlinux.org/AVG-1062","reference_id":"AVG-1062","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1062"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-18678"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8e4d-y6um-pfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101388?format=json","vulnerability_id":"VCID-8rur-rbfr-gubm","summary":"cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request.  NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0189.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0189.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0189","reference_id":"","reference_type":"","scores":[{"value":"0.69682","scoring_system":"epss","scoring_elements":"0.98679","published_at":"2026-06-04T12:55:00Z"},{"value":"0.69682","scoring_system":"epss","scoring_elements":"0.9868","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895972","reference_id":"895972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895972"},{"reference_url":"https://security.gentoo.org/glsa/201309-22","reference_id":"GLSA-201309-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-22"},{"reference_url":"https://usn.ubuntu.com/1713-1/","reference_id":"USN-1713-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1713-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129592?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0189"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8rur-rbfr-gubm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101359?format=json","vulnerability_id":"VCID-966y-hxyz-h7ca","summary":"The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0241.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0241","reference_id":"","reference_type":"","scores":[{"value":"0.86221","scoring_system":"epss","scoring_elements":"0.99416","published_at":"2026-06-04T12:55:00Z"},{"value":"0.86221","scoring_system":"epss","scoring_elements":"0.99417","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617504","reference_id":"1617504","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129571?format=json","purl":"pkg:deb/debian/squid@2.5.7-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0241"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-966y-hxyz-h7ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101393?format=json","vulnerability_id":"VCID-a579-pajq-hffz","summary":"Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6270.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6270","reference_id":"","reference_type":"","scores":[{"value":"0.18201","scoring_system":"epss","scoring_elements":"0.95318","published_at":"2026-06-04T12:55:00Z"},{"value":"0.18201","scoring_system":"epss","scoring_elements":"0.95326","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6270"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1139967","reference_id":"1139967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1139967"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://usn.ubuntu.com/2921-1/","reference_id":"USN-2921-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2921-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2014-6270"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a579-pajq-hffz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101380?format=json","vulnerability_id":"VCID-b44k-k14j-ube8","summary":"Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce \"buffer limits and related bound checks,\" which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2621.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2621","reference_id":"","reference_type":"","scores":[{"value":"0.23562","scoring_system":"epss","scoring_elements":"0.96081","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23562","scoring_system":"epss","scoring_elements":"0.96086","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2621"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=514013","reference_id":"514013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=514013"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2621"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b44k-k14j-ube8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77605?format=json","vulnerability_id":"VCID-b4wm-kgwv-nkhj","summary":"squid-cache: Squid Buffer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54574.json","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54574.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54574","reference_id":"","reference_type":"","scores":[{"value":"0.0932","scoring_system":"epss","scoring_elements":"0.9292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54574"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2386026","reference_id":"2386026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2386026"},{"reference_url":"https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988","reference_id":"a27bf4b84da23594150c7a86a23435df0b35b988","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-01T18:43:36Z/"}],"url":"https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3","reference_id":"GHSA-w4gv-vw3f-29g3","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-01T18:43:36Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7465","reference_id":"RHSA-2023:7465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7668","reference_id":"RHSA-2023:7668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0072","reference_id":"RHSA-2024:0072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14414","reference_id":"RHSA-2025:14414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14414"},{"reference_url":"https://github.com/squid-cache/squid/releases/tag/SQUID_6_4","reference_id":"SQUID_6_4","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-01T18:43:36Z/"}],"url":"https://github.com/squid-cache/squid/releases/tag/SQUID_6_4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129635?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129649?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2025-54574"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4wm-kgwv-nkhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101352?format=json","vulnerability_id":"VCID-b4y7-qehh-m3bh","summary":"Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0096.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0096","reference_id":"","reference_type":"","scores":[{"value":"0.02283","scoring_system":"epss","scoring_elements":"0.84989","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02283","scoring_system":"epss","scoring_elements":"0.85012","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0096"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617457","reference_id":"1617457","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/67-1/","reference_id":"USN-67-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/67-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129569?format=json","purl":"pkg:deb/debian/squid@2.5.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0096"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4y7-qehh-m3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101339?format=json","vulnerability_id":"VCID-bxjr-uwbe-3udc","summary":"Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0916","reference_id":"","reference_type":"","scores":[{"value":"0.02682","scoring_system":"epss","scoring_elements":"0.86124","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02682","scoring_system":"epss","scoring_elements":"0.86145","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0916"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129561?format=json","purl":"pkg:deb/debian/squid@2.4.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.4.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2002-0916"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bxjr-uwbe-3udc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101413?format=json","vulnerability_id":"VCID-c1s2-z4na-afbf","summary":"client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4553.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4553.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4553","reference_id":"","reference_type":"","scores":[{"value":"0.82841","scoring_system":"epss","scoring_elements":"0.99264","published_at":"2026-06-04T12:55:00Z"},{"value":"0.82841","scoring_system":"epss","scoring_elements":"0.99265","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334233","reference_id":"1334233","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334233"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4553"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c1s2-z4na-afbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101426?format=json","vulnerability_id":"VCID-c442-9agd-kqfb","summary":"An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12524.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12524","reference_id":"","reference_type":"","scores":[{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.6829","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.68331","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827570","reference_id":"1827570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4446-1/","reference_id":"USN-4446-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4446-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12524"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c442-9agd-kqfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3979?format=json","vulnerability_id":"VCID-c9d7-uf1j-nbg5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11945.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11945","reference_id":"","reference_type":"","scores":[{"value":"0.28475","scoring_system":"epss","scoring_elements":"0.9661","published_at":"2026-06-04T12:55:00Z"},{"value":"0.28475","scoring_system":"epss","scoring_elements":"0.96614","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827563","reference_id":"1827563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827563"},{"reference_url":"https://security.archlinux.org/AVG-1146","reference_id":"AVG-1146","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1146"},{"reference_url":"https://security.gentoo.org/glsa/202005-05","reference_id":"GLSA-202005-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2038","reference_id":"RHSA-2020:2038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2039","reference_id":"RHSA-2020:2039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2040","reference_id":"RHSA-2020:2040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2041","reference_id":"RHSA-2020:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2041"},{"reference_url":"https://usn.ubuntu.com/4356-1/","reference_id":"USN-4356-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4356-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129603?format=json","purl":"pkg:deb/debian/squid@4.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-11945"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9d7-uf1j-nbg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91851?format=json","vulnerability_id":"VCID-c9g5-6pp6-gkcy","summary":"squid: Incorrect Check of Function Return Value In Helper Process management","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49286.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49286.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49286","reference_id":"","reference_type":"","scores":[{"value":"0.01726","scoring_system":"epss","scoring_elements":"0.82801","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252923","reference_id":"2252923","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0046","reference_id":"RHSA-2024:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0071","reference_id":"RHSA-2024:0071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0072","reference_id":"RHSA-2024:0072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1787","reference_id":"RHSA-2024:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1787"},{"reference_url":"https://usn.ubuntu.com/6594-1/","reference_id":"USN-6594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6594-1/"},{"reference_url":"https://usn.ubuntu.com/6857-1/","reference_id":"USN-6857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6857-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-49286"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9g5-6pp6-gkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91739?format=json","vulnerability_id":"VCID-crr1-gdmq-bua6","summary":"squid: denial of service in HTTP request parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50269.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50269.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50269","reference_id":"","reference_type":"","scores":[{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.78831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058721","reference_id":"1058721","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058721"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254663","reference_id":"2254663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254663"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","reference_id":"A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-wgq4-4cfg-c4x3","reference_id":"GHSA-wgq4-4cfg-c4x3","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-wgq4-4cfg-c4x3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","reference_id":"MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240119-0005/","reference_id":"ntap-20240119-0005","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240119-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1085","reference_id":"RHSA-2024:1085","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1085"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1375","reference_id":"RHSA-2024:1375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1376","reference_id":"RHSA-2024:1376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1787","reference_id":"RHSA-2024:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1787"},{"reference_url":"http://www.squid-cache.org/Versions/v5/SQUID-2023_10.patch","reference_id":"SQUID-2023_10.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"http://www.squid-cache.org/Versions/v5/SQUID-2023_10.patch"},{"reference_url":"http://www.squid-cache.org/Versions/v6/SQUID-2023_10.patch","reference_id":"SQUID-2023_10.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T14:21:27Z/"}],"url":"http://www.squid-cache.org/Versions/v6/SQUID-2023_10.patch"},{"reference_url":"https://usn.ubuntu.com/6594-1/","reference_id":"USN-6594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6594-1/"},{"reference_url":"https://usn.ubuntu.com/6857-1/","reference_id":"USN-6857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6857-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129646?format=json","purl":"pkg:deb/debian/squid@6.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-50269"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-crr1-gdmq-bua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101432?format=json","vulnerability_id":"VCID-db6w-h95e-9bhf","summary":"Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12854.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12854.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12854","reference_id":"","reference_type":"","scores":[{"value":"0.38048","scoring_system":"epss","scoring_elements":"0.97301","published_at":"2026-06-04T12:55:00Z"},{"value":"0.38048","scoring_system":"epss","scoring_elements":"0.97305","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730523","reference_id":"1730523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12854"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-db6w-h95e-9bhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101379?format=json","vulnerability_id":"VCID-ddm4-j52m-efcy","summary":"Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0801.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0801","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10926","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11013","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=488502","reference_id":"488502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=488502"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521053","reference_id":"521053","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521053"},{"reference_url":"https://security.gentoo.org/glsa/201309-22","reference_id":"GLSA-201309-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddm4-j52m-efcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101429?format=json","vulnerability_id":"VCID-dydn-mqw1-g7at","summary":"An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12528.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12528","reference_id":"","reference_type":"","scores":[{"value":"0.23648","scoring_system":"epss","scoring_elements":"0.9609","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23648","scoring_system":"epss","scoring_elements":"0.96095","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798534","reference_id":"1798534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798534"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950925","reference_id":"950925","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950925"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4289-1/","reference_id":"USN-4289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129609?format=json","purl":"pkg:deb/debian/squid@4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12528"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dydn-mqw1-g7at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92082?format=json","vulnerability_id":"VCID-e7d7-jejy-ukct","summary":"squid: Denial of Service in SSL Certificate validation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46724.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46724.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46724","reference_id":"","reference_type":"","scores":[{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.639","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055252","reference_id":"1055252","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055252"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247567","reference_id":"2247567","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247567"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","reference_id":"A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"},{"reference_url":"https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810","reference_id":"b70f864940225dfe69f9f653f948e787f99c3810","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3","reference_id":"GHSA-73m6-jm96-c6r3","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","reference_id":"MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231208-0001/","reference_id":"ntap-20231208-0001","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231208-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0046","reference_id":"RHSA-2024:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0071","reference_id":"RHSA-2024:0071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0072","reference_id":"RHSA-2024:0072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1787","reference_id":"RHSA-2024:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1787"},{"reference_url":"http://www.squid-cache.org/Versions/v5/SQUID-2023_4.patch","reference_id":"SQUID-2023_4.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"http://www.squid-cache.org/Versions/v5/SQUID-2023_4.patch"},{"reference_url":"http://www.squid-cache.org/Versions/v6/SQUID-2023_4.patch","reference_id":"SQUID-2023_4.patch","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:13:11Z/"}],"url":"http://www.squid-cache.org/Versions/v6/SQUID-2023_4.patch"},{"reference_url":"https://usn.ubuntu.com/6500-1/","reference_id":"USN-6500-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46724"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7d7-jejy-ukct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101351?format=json","vulnerability_id":"VCID-efj8-p65n-bffs","summary":"The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0095.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0095","reference_id":"","reference_type":"","scores":[{"value":"0.75842","scoring_system":"epss","scoring_elements":"0.98928","published_at":"2026-06-04T12:55:00Z"},{"value":"0.75842","scoring_system":"epss","scoring_elements":"0.98929","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617456","reference_id":"1617456","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/67-1/","reference_id":"USN-67-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/67-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129569?format=json","purl":"pkg:deb/debian/squid@2.5.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0095"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efj8-p65n-bffs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101332?format=json","vulnerability_id":"VCID-fh8e-t1f8-73b2","summary":"The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-1999-0710.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-1999-0710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-1999-0710","reference_id":"","reference_type":"","scores":[{"value":"0.12632","scoring_system":"epss","scoring_elements":"0.94098","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12632","scoring_system":"epss","scoring_elements":"0.94106","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-1999-0710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616452","reference_id":"1616452","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616452"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/20465.sh","reference_id":"CVE-1999-0710;OSVDB-28","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/remote/20465.sh"},{"reference_url":"https://www.securityfocus.com/bid/2059/info","reference_id":"CVE-1999-0710;OSVDB-28","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/2059/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:415","reference_id":"RHSA-2005:415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:489","reference_id":"RHSA-2005:489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:489"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129553?format=json","purl":"pkg:deb/debian/squid@2.5.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-1999-0710"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fh8e-t1f8-73b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3980?format=json","vulnerability_id":"VCID-fz4s-d6vu-5ydx","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12521.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12521.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12521","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68805","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68844","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827562","reference_id":"1827562","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827562"},{"reference_url":"https://security.archlinux.org/AVG-1146","reference_id":"AVG-1146","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1146"},{"reference_url":"https://security.gentoo.org/glsa/202005-05","reference_id":"GLSA-202005-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4356-1/","reference_id":"USN-4356-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4356-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129603?format=json","purl":"pkg:deb/debian/squid@4.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12521"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz4s-d6vu-5ydx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101396?format=json","vulnerability_id":"VCID-g4mn-8ehd-6udp","summary":"Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka \"Nonce replay vulnerability.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9749.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9749","reference_id":"","reference_type":"","scores":[{"value":"0.01938","scoring_system":"epss","scoring_elements":"0.83743","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01938","scoring_system":"epss","scoring_elements":"0.83766","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1186768","reference_id":"1186768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1186768"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2014-9749"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g4mn-8ehd-6udp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101423?format=json","vulnerability_id":"VCID-gr7g-hj5f-aufc","summary":"An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12520.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12520","reference_id":"","reference_type":"","scores":[{"value":"0.06184","scoring_system":"epss","scoring_elements":"0.91004","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06184","scoring_system":"epss","scoring_elements":"0.91018","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827558","reference_id":"1827558","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4446-1/","reference_id":"USN-4446-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4446-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12520"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gr7g-hj5f-aufc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101445?format=json","vulnerability_id":"VCID-gytn-z913-ubht","summary":"An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8449.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8449.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8449","reference_id":"","reference_type":"","scores":[{"value":"0.03964","scoring_system":"epss","scoring_elements":"0.88578","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03964","scoring_system":"epss","scoring_elements":"0.88596","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798540","reference_id":"1798540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798540"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802","reference_id":"950802","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950802"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4289-1/","reference_id":"USN-4289-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4289-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129609?format=json","purl":"pkg:deb/debian/squid@4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8449"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gytn-z913-ubht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92198?format=json","vulnerability_id":"VCID-h4af-cyxg-juf8","summary":"squid: DoS against HTTP and HTTPS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5824.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5824","reference_id":"","reference_type":"","scores":[{"value":"0.01879","scoring_system":"epss","scoring_elements":"0.8351","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055249","reference_id":"1055249","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055249"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245914","reference_id":"2245914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7465","reference_id":"RHSA-2023:7465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7668","reference_id":"RHSA-2023:7668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0072","reference_id":"RHSA-2024:0072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://usn.ubuntu.com/6728-1/","reference_id":"USN-6728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-1/"},{"reference_url":"https://usn.ubuntu.com/6728-3/","reference_id":"USN-6728-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129635?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129649?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5824"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4af-cyxg-juf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91852?format=json","vulnerability_id":"VCID-h8gc-xzsu-xkef","summary":"squid: Buffer over-read in the HTTP Message processing feature","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49285.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49285","reference_id":"","reference_type":"","scores":[{"value":"0.09621","scoring_system":"epss","scoring_elements":"0.93044","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252926","reference_id":"2252926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0046","reference_id":"RHSA-2024:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0071","reference_id":"RHSA-2024:0071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0072","reference_id":"RHSA-2024:0072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0397","reference_id":"RHSA-2024:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0771","reference_id":"RHSA-2024:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0772","reference_id":"RHSA-2024:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0773","reference_id":"RHSA-2024:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1153","reference_id":"RHSA-2024:1153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1787","reference_id":"RHSA-2024:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1787"},{"reference_url":"https://usn.ubuntu.com/6594-1/","reference_id":"USN-6594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6594-1/"},{"reference_url":"https://usn.ubuntu.com/6857-1/","reference_id":"USN-6857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6857-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-49285"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8gc-xzsu-xkef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5503?format=json","vulnerability_id":"VCID-j2q4-n7rm-7bfp","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28662.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28662.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28662","reference_id":"","reference_type":"","scores":[{"value":"0.1363","scoring_system":"epss","scoring_elements":"0.94379","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1363","scoring_system":"epss","scoring_elements":"0.94387","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962254","reference_id":"1962254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962254"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988891","reference_id":"988891","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988891"},{"reference_url":"https://security.archlinux.org/ASA-202105-10","reference_id":"ASA-202105-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-10"},{"reference_url":"https://security.archlinux.org/AVG-1949","reference_id":"AVG-1949","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1949"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-28662"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2q4-n7rm-7bfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101435?format=json","vulnerability_id":"VCID-j4rt-cxwg-rugw","summary":"An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18677.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18677.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18677","reference_id":"","reference_type":"","scores":[{"value":"0.04214","scoring_system":"epss","scoring_elements":"0.88941","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04214","scoring_system":"epss","scoring_elements":"0.88958","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770365","reference_id":"1770365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-18677"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j4rt-cxwg-rugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74526?format=json","vulnerability_id":"VCID-j8vv-ysfd-a7c6","summary":"squid-cache: Squid cache buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59362.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59362","reference_id":"","reference_type":"","scores":[{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38797","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59362"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117048","reference_id":"1117048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117048"},{"reference_url":"https://github.com/squid-cache/squid/pull/2149","reference_id":"2149","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-26T20:30:59Z/"}],"url":"https://github.com/squid-cache/squid/pull/2149"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2399758","reference_id":"2399758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2399758"},{"reference_url":"https://github.com/Microsvuln/advisories/blob/main/CVE-2025-59362/CVE-2025-59362.md","reference_id":"CVE-2025-59362.md","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-26T20:30:59Z/"}],"url":"https://github.com/Microsvuln/advisories/blob/main/CVE-2025-59362/CVE-2025-59362.md"},{"reference_url":"https://usn.ubuntu.com/7804-1/","reference_id":"USN-7804-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7804-1/"},{"reference_url":"https://usn.ubuntu.com/7804-2/","reference_id":"USN-7804-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7804-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129658?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129659?format=json","purl":"pkg:deb/debian/squid@7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2025-59362"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j8vv-ysfd-a7c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101406?format=json","vulnerability_id":"VCID-jaew-wj9q-17fk","summary":"Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3947.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3947","reference_id":"","reference_type":"","scores":[{"value":"0.75366","scoring_system":"epss","scoring_elements":"0.98906","published_at":"2026-06-04T12:55:00Z"},{"value":"0.75366","scoring_system":"epss","scoring_elements":"0.98907","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323590","reference_id":"1323590","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323590"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-3947"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jaew-wj9q-17fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101350?format=json","vulnerability_id":"VCID-jn1n-gp5t-c7ft","summary":"Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0094.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0094","reference_id":"","reference_type":"","scores":[{"value":"0.51138","scoring_system":"epss","scoring_elements":"0.97926","published_at":"2026-06-04T12:55:00Z"},{"value":"0.51138","scoring_system":"epss","scoring_elements":"0.97929","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0094"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617455","reference_id":"1617455","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/67-1/","reference_id":"USN-67-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/67-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129569?format=json","purl":"pkg:deb/debian/squid@2.5.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0094"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jn1n-gp5t-c7ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101395?format=json","vulnerability_id":"VCID-k1v3-u3r5-dygy","summary":"The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7142.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7142","reference_id":"","reference_type":"","scores":[{"value":"0.64227","scoring_system":"epss","scoring_elements":"0.98458","published_at":"2026-06-04T12:55:00Z"},{"value":"0.64227","scoring_system":"epss","scoring_elements":"0.98461","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7142"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1148832","reference_id":"1148832","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1148832"},{"reference_url":"https://security.gentoo.org/glsa/201411-11","reference_id":"GLSA-201411-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-11"},{"reference_url":"https://usn.ubuntu.com/2422-1/","reference_id":"USN-2422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7142"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1v3-u3r5-dygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101451?format=json","vulnerability_id":"VCID-k1yk-e4zn-h3c2","summary":"Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33620.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33620","reference_id":"","reference_type":"","scores":[{"value":"0.09639","scoring_system":"epss","scoring_elements":"0.93041","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09639","scoring_system":"epss","scoring_elements":"0.93051","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1959537","reference_id":"1959537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1959537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-33620"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1yk-e4zn-h3c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101420?format=json","vulnerability_id":"VCID-kdrt-mthb-y7du","summary":"Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19131.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19131","reference_id":"","reference_type":"","scores":[{"value":"0.10782","scoring_system":"epss","scoring_elements":"0.93483","published_at":"2026-06-04T12:55:00Z"},{"value":"0.10782","scoring_system":"epss","scoring_elements":"0.93493","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19131"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1645146","reference_id":"1645146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1645146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912293","reference_id":"912293","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912293"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129602?format=json","purl":"pkg:deb/debian/squid@4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19131"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdrt-mthb-y7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101348?format=json","vulnerability_id":"VCID-kkry-29uk-jkfh","summary":"Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via \"@@\" sequences in a URL within Internet Explorer.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2480","reference_id":"","reference_type":"","scores":[{"value":"0.01999","scoring_system":"epss","scoring_elements":"0.83975","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01999","scoring_system":"epss","scoring_elements":"0.83997","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2480"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24105.txt","reference_id":"CVE-2004-2480;OSVDB-19173","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24105.txt"},{"reference_url":"https://www.securityfocus.com/bid/10315/info","reference_id":"CVE-2004-2480;OSVDB-19173","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/10315/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129567?format=json","purl":"pkg:deb/debian/squid@2.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-2480"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkry-29uk-jkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101417?format=json","vulnerability_id":"VCID-kks8-56y6-6kew","summary":"The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000024","reference_id":"","reference_type":"","scores":[{"value":"0.09177","scoring_system":"epss","scoring_elements":"0.92842","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09177","scoring_system":"epss","scoring_elements":"0.92854","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536939","reference_id":"1536939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1068","reference_id":"RHSA-2020:1068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1068"},{"reference_url":"https://usn.ubuntu.com/3557-1/","reference_id":"USN-3557-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3557-1/"},{"reference_url":"https://usn.ubuntu.com/4059-2/","reference_id":"USN-4059-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4059-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1000024"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kks8-56y6-6kew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101414?format=json","vulnerability_id":"VCID-kqba-yqhn-hbav","summary":"mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a \"header smuggling\" issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4554.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4554","reference_id":"","reference_type":"","scores":[{"value":"0.6886","scoring_system":"epss","scoring_elements":"0.98645","published_at":"2026-06-04T12:55:00Z"},{"value":"0.6886","scoring_system":"epss","scoring_elements":"0.98646","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334241","reference_id":"1334241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334241"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1138","reference_id":"RHSA-2016:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4554"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kqba-yqhn-hbav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101440?format=json","vulnerability_id":"VCID-krap-1qmx-t7ap","summary":"An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing \"+\\ \"-\" or an uncommon shell whitespace character prefix to the length field-value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15049.json","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15049","reference_id":"","reference_type":"","scores":[{"value":"0.15653","scoring_system":"epss","scoring_elements":"0.94826","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15653","scoring_system":"epss","scoring_elements":"0.94835","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852550","reference_id":"1852550","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4551-1/","reference_id":"USN-4551-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4551-1/"},{"reference_url":"https://usn.ubuntu.com/4895-1/","reference_id":"USN-4895-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4895-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129615?format=json","purl":"pkg:deb/debian/squid@4.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15049"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-krap-1qmx-t7ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4089?format=json","vulnerability_id":"VCID-mfk5-y8xe-hqdr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18679.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18679","reference_id":"","reference_type":"","scores":[{"value":"0.44133","scoring_system":"epss","scoring_elements":"0.97613","published_at":"2026-06-04T12:55:00Z"},{"value":"0.44133","scoring_system":"epss","scoring_elements":"0.97616","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770360","reference_id":"1770360","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770360"},{"reference_url":"https://security.archlinux.org/ASA-201911-8","reference_id":"ASA-201911-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-8"},{"reference_url":"https://security.archlinux.org/AVG-1062","reference_id":"AVG-1062","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1062"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-18679"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfk5-y8xe-hqdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101368?format=json","vulnerability_id":"VCID-mpfx-6sfu-43gz","summary":"Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2917.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2917.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2917","reference_id":"","reference_type":"","scores":[{"value":"0.51918","scoring_system":"epss","scoring_elements":"0.97961","published_at":"2026-06-04T12:55:00Z"},{"value":"0.51918","scoring_system":"epss","scoring_elements":"0.97964","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2917"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617765","reference_id":"1617765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0045","reference_id":"RHSA-2006:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0052","reference_id":"RHSA-2006:0052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0052"},{"reference_url":"https://usn.ubuntu.com/192-1/","reference_id":"USN-192-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/192-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129581?format=json","purl":"pkg:deb/debian/squid@2.5.10-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.10-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-2917"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mpfx-6sfu-43gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101408?format=json","vulnerability_id":"VCID-n33d-b5uw-1yf2","summary":"Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4051.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4051.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4051","reference_id":"","reference_type":"","scores":[{"value":"0.05912","scoring_system":"epss","scoring_elements":"0.90775","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05912","scoring_system":"epss","scoring_elements":"0.90788","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329126","reference_id":"1329126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329126"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1138","reference_id":"RHSA-2016:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4051"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n33d-b5uw-1yf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101391?format=json","vulnerability_id":"VCID-nxn5-5c27-tkcr","summary":"Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0128.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0128.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0128","reference_id":"","reference_type":"","scores":[{"value":"0.54968","scoring_system":"epss","scoring_elements":"0.98092","published_at":"2026-06-04T12:55:00Z"},{"value":"0.54968","scoring_system":"epss","scoring_elements":"0.98093","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0128"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1074870","reference_id":"1074870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1074870"},{"reference_url":"https://security.gentoo.org/glsa/201411-11","reference_id":"GLSA-201411-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0597","reference_id":"RHSA-2014:0597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0597"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2014-0128"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxn5-5c27-tkcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101390?format=json","vulnerability_id":"VCID-phqh-ares-pqf8","summary":"client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4123.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4123.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4123","reference_id":"","reference_type":"","scores":[{"value":"0.68916","scoring_system":"epss","scoring_elements":"0.98647","published_at":"2026-06-04T12:55:00Z"},{"value":"0.68916","scoring_system":"epss","scoring_elements":"0.98648","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4123"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=984632","reference_id":"984632","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=984632"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/26886.pl","reference_id":"CVE-2013-4123","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/26886.pl"},{"reference_url":"https://security.gentoo.org/glsa/201309-22","reference_id":"GLSA-201309-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4123"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-phqh-ares-pqf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101387?format=json","vulnerability_id":"VCID-pq9r-bdfx-vqb8","summary":"Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5643.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5643.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5643","reference_id":"","reference_type":"","scores":[{"value":"0.33163","scoring_system":"epss","scoring_elements":"0.96996","published_at":"2026-06-04T12:55:00Z"},{"value":"0.33163","scoring_system":"epss","scoring_elements":"0.97","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5643"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=887962","reference_id":"887962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=887962"},{"reference_url":"https://security.gentoo.org/glsa/201309-22","reference_id":"GLSA-201309-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0505","reference_id":"RHSA-2013:0505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0505"},{"reference_url":"https://usn.ubuntu.com/1713-1/","reference_id":"USN-1713-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1713-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129592?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5643"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pq9r-bdfx-vqb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101404?format=json","vulnerability_id":"VCID-pswa-8aa8-ukhw","summary":"http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2571.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2571.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2571","reference_id":"","reference_type":"","scores":[{"value":"0.14329","scoring_system":"epss","scoring_elements":"0.94533","published_at":"2026-06-04T12:55:00Z"},{"value":"0.14329","scoring_system":"epss","scoring_elements":"0.94542","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2571"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312262","reference_id":"1312262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312262"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2600","reference_id":"RHSA-2016:2600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2600"},{"reference_url":"https://usn.ubuntu.com/2921-1/","reference_id":"USN-2921-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2921-1/"},{"reference_url":"https://usn.ubuntu.com/3557-1/","reference_id":"USN-3557-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3557-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2571"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pswa-8aa8-ukhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101403?format=json","vulnerability_id":"VCID-ptb8-53q8-gfad","summary":"The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2570.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2570.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2570","reference_id":"","reference_type":"","scores":[{"value":"0.05488","scoring_system":"epss","scoring_elements":"0.90378","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05488","scoring_system":"epss","scoring_elements":"0.90393","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2570"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312257","reference_id":"1312257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312257"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2600","reference_id":"RHSA-2016:2600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2600"},{"reference_url":"https://usn.ubuntu.com/3557-1/","reference_id":"USN-3557-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3557-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2570"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptb8-53q8-gfad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4091?format=json","vulnerability_id":"VCID-ptdh-k28q-q3at","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12526.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12526","reference_id":"","reference_type":"","scores":[{"value":"0.39194","scoring_system":"epss","scoring_elements":"0.97363","published_at":"2026-06-04T12:55:00Z"},{"value":"0.39194","scoring_system":"epss","scoring_elements":"0.97367","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770356","reference_id":"1770356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770356"},{"reference_url":"https://security.archlinux.org/ASA-201911-8","reference_id":"ASA-201911-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-8"},{"reference_url":"https://security.archlinux.org/AVG-1062","reference_id":"AVG-1062","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1062"},{"reference_url":"https://security.gentoo.org/glsa/202003-34","reference_id":"GLSA-202003-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12526"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptdh-k28q-q3at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5191?format=json","vulnerability_id":"VCID-ptu8-w3ps-gfbz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28116.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28116","reference_id":"","reference_type":"","scores":[{"value":"0.10515","scoring_system":"epss","scoring_elements":"0.93392","published_at":"2026-06-04T12:55:00Z"},{"value":"0.10515","scoring_system":"epss","scoring_elements":"0.93403","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939939","reference_id":"1939939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939939"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986804","reference_id":"986804","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986804"},{"reference_url":"https://security.archlinux.org/AVG-1667","reference_id":"AVG-1667","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1667"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1939","reference_id":"RHSA-2022:1939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1939"},{"reference_url":"https://usn.ubuntu.com/5104-1/","reference_id":"USN-5104-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5104-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129620?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129618?format=json","purl":"pkg:deb/debian/squid@5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-28116"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptu8-w3ps-gfbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5504?format=json","vulnerability_id":"VCID-q39b-rxx4-uffu","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28652.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28652","reference_id":"","reference_type":"","scores":[{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70996","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.71038","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962246","reference_id":"1962246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988892","reference_id":"988892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988892"},{"reference_url":"https://security.archlinux.org/ASA-202105-10","reference_id":"ASA-202105-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-10"},{"reference_url":"https://security.archlinux.org/AVG-1949","reference_id":"AVG-1949","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1949"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-28652"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q39b-rxx4-uffu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101363?format=json","vulnerability_id":"VCID-q6dn-87uh-sffd","summary":"Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0718.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0718","reference_id":"","reference_type":"","scores":[{"value":"0.12597","scoring_system":"epss","scoring_elements":"0.94084","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12597","scoring_system":"epss","scoring_elements":"0.94092","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617563","reference_id":"1617563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617563"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305605","reference_id":"305605","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:415","reference_id":"RHSA-2005:415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:489","reference_id":"RHSA-2005:489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:489"},{"reference_url":"https://usn.ubuntu.com/111-1/","reference_id":"USN-111-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/111-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129566?format=json","purl":"pkg:deb/debian/squid@2.5.8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0718"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6dn-87uh-sffd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101416?format=json","vulnerability_id":"VCID-qajc-u4gq-vfbf","summary":"Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4556.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4556.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4556","reference_id":"","reference_type":"","scores":[{"value":"0.56857","scoring_system":"epss","scoring_elements":"0.98172","published_at":"2026-06-04T12:55:00Z"},{"value":"0.56857","scoring_system":"epss","scoring_elements":"0.98174","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334786","reference_id":"1334786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334786"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1138","reference_id":"RHSA-2016:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4556"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qajc-u4gq-vfbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101334?format=json","vulnerability_id":"VCID-qds8-ta3k-zydv","summary":"FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0714.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0714.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0714","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38182","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38271","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0714"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0714","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0714"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616801","reference_id":"1616801","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:051","reference_id":"RHSA-2002:051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:130","reference_id":"RHSA-2002:130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129558?format=json","purl":"pkg:deb/debian/squid@2.4.6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.4.6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2002-0714"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qds8-ta3k-zydv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101383?format=json","vulnerability_id":"VCID-qg6z-kgdf-a7et","summary":"lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0308.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0308","reference_id":"","reference_type":"","scores":[{"value":"0.11036","scoring_system":"epss","scoring_elements":"0.93576","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11036","scoring_system":"epss","scoring_elements":"0.93587","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0308"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=556389","reference_id":"556389","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=556389"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0221","reference_id":"RHSA-2010:0221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0221"},{"reference_url":"https://usn.ubuntu.com/901-1/","reference_id":"USN-901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/901-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129591?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0308"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qg6z-kgdf-a7et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101365?format=json","vulnerability_id":"VCID-qg7m-8cuw-h7fx","summary":"Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1519.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1519","reference_id":"","reference_type":"","scores":[{"value":"0.24581","scoring_system":"epss","scoring_elements":"0.96227","published_at":"2026-06-04T12:55:00Z"},{"value":"0.24581","scoring_system":"epss","scoring_elements":"0.96232","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1519"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617653","reference_id":"1617653","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617653"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309504","reference_id":"309504","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:415","reference_id":"RHSA-2005:415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:489","reference_id":"RHSA-2005:489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:489"},{"reference_url":"https://usn.ubuntu.com/129-1/","reference_id":"USN-129-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/129-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129577?format=json","purl":"pkg:deb/debian/squid@2.5.9-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.9-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-1519"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qg7m-8cuw-h7fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101366?format=json","vulnerability_id":"VCID-qnfb-nqyv-17ar","summary":"store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2794.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2794.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2794","reference_id":"","reference_type":"","scores":[{"value":"0.12518","scoring_system":"epss","scoring_elements":"0.94063","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12518","scoring_system":"epss","scoring_elements":"0.94071","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2794"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617754","reference_id":"1617754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617754"},{"reference_url":"https://security.gentoo.org/glsa/200509-06","reference_id":"GLSA-200509-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200509-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:766","reference_id":"RHSA-2005:766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:766"},{"reference_url":"https://usn.ubuntu.com/183-1/","reference_id":"USN-183-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/183-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129579?format=json","purl":"pkg:deb/debian/squid@2.5.10-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.10-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-2794"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qnfb-nqyv-17ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101436?format=json","vulnerability_id":"VCID-r4db-5e11-23ce","summary":"Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18860.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18860.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18860","reference_id":"","reference_type":"","scores":[{"value":"0.04339","scoring_system":"epss","scoring_elements":"0.89109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04339","scoring_system":"epss","scoring_elements":"0.89126","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1817121","reference_id":"1817121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1817121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4356-1/","reference_id":"USN-4356-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4356-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-18860"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4db-5e11-23ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101434?format=json","vulnerability_id":"VCID-r69g-yc8t-zua3","summary":"An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18676.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18676.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18676","reference_id":"","reference_type":"","scores":[{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80569","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80595","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770375","reference_id":"1770375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"},{"reference_url":"https://usn.ubuntu.com/4446-1/","reference_id":"USN-4446-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4446-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-18676"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r69g-yc8t-zua3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5505?format=json","vulnerability_id":"VCID-rkq7-bnee-ekgr","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28651.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28651.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28651","reference_id":"","reference_type":"","scores":[{"value":"0.06133","scoring_system":"epss","scoring_elements":"0.90957","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06133","scoring_system":"epss","scoring_elements":"0.90971","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962243","reference_id":"1962243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962243"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988893","reference_id":"988893","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988893"},{"reference_url":"https://security.archlinux.org/ASA-202105-10","reference_id":"ASA-202105-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-10"},{"reference_url":"https://security.archlinux.org/AVG-1949","reference_id":"AVG-1949","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1949"},{"reference_url":"https://security.gentoo.org/glsa/202105-14","reference_id":"GLSA-202105-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4292","reference_id":"RHSA-2021:4292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14414","reference_id":"RHSA-2025:14414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14414"},{"reference_url":"https://usn.ubuntu.com/4981-1/","reference_id":"USN-4981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4981-1/"},{"reference_url":"https://usn.ubuntu.com/6857-1/","reference_id":"USN-6857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6857-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129623?format=json","purl":"pkg:deb/debian/squid@4.13-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-28651"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rkq7-bnee-ekgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101394?format=json","vulnerability_id":"VCID-rnx4-ypsm-5fbq","summary":"The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7141.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7141","reference_id":"","reference_type":"","scores":[{"value":"0.77333","scoring_system":"epss","scoring_elements":"0.98997","published_at":"2026-06-04T12:55:00Z"},{"value":"0.77333","scoring_system":"epss","scoring_elements":"0.98999","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1139715","reference_id":"1139715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1139715"},{"reference_url":"https://security.gentoo.org/glsa/201411-11","reference_id":"GLSA-201411-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-11"},{"reference_url":"https://usn.ubuntu.com/2422-1/","reference_id":"USN-2422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7141"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnx4-ypsm-5fbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101346?format=json","vulnerability_id":"VCID-ru9c-dnst-afck","summary":"The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0918.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0918","reference_id":"","reference_type":"","scores":[{"value":"0.68742","scoring_system":"epss","scoring_elements":"0.9864","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0918"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=453211","reference_id":"453211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=453211"},{"reference_url":"https://security.gentoo.org/glsa/200410-15","reference_id":"GLSA-200410-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200410-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:591","reference_id":"RHSA-2004:591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:591"},{"reference_url":"https://usn.ubuntu.com/19-1/","reference_id":"USN-19-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/19-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129565?format=json","purl":"pkg:deb/debian/squid@2.5.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0918"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ru9c-dnst-afck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101425?format=json","vulnerability_id":"VCID-s2yj-54je-z3a6","summary":"An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12523.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12523.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12523","reference_id":"","reference_type":"","scores":[{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68551","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68592","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770371","reference_id":"1770371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4213-1/","reference_id":"USN-4213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4213-1/"},{"reference_url":"https://usn.ubuntu.com/4446-1/","reference_id":"USN-4446-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4446-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129606?format=json","purl":"pkg:deb/debian/squid@4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12523"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s2yj-54je-z3a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89976?format=json","vulnerability_id":"VCID-ssxr-73gq-kbaf","summary":"squid: Out-of-bounds write error may lead to Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37894.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37894.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37894","reference_id":"","reference_type":"","scores":[{"value":"0.01302","scoring_system":"epss","scoring_elements":"0.80103","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37894","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37894"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074284","reference_id":"1074284","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294353","reference_id":"2294353","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294353"},{"reference_url":"https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch","reference_id":"f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T14:07:04Z/"}],"url":"https://github.com/squid-cache/squid/commit/f411fe7d75197852f0e5ee85027a06d58dd8df4c.patch"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg","reference_id":"GHSA-wgvf-q977-9xjg","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T14:07:04Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0001/","reference_id":"ntap-20240719-0001","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T14:07:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4861","reference_id":"RHSA-2024:4861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5906","reference_id":"RHSA-2024:5906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5906"},{"reference_url":"https://usn.ubuntu.com/6907-1/","reference_id":"USN-6907-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6907-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129652?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129654?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129655?format=json","purl":"pkg:deb/debian/squid@6.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2024-37894"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssxr-73gq-kbaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73487?format=json","vulnerability_id":"VCID-t3w4-62ms-9ybz","summary":"squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62168.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62168.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62168","reference_id":"","reference_type":"","scores":[{"value":"0.16244","scoring_system":"epss","scoring_elements":"0.9495","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62168"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/squid-cache/squid/commit/0951a0681011dfca3d78c84fd7f1e19c78a4443f","reference_id":"0951a0681011dfca3d78c84fd7f1e19c78a4443f","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-18T03:55:46Z/"}],"url":"https://github.com/squid-cache/squid/commit/0951a0681011dfca3d78c84fd7f1e19c78a4443f"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118341","reference_id":"1118341","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118341"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404736","reference_id":"2404736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404736"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-c8cc-phh7-xmxr","reference_id":"GHSA-c8cc-phh7-xmxr","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-18T03:55:46Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-c8cc-phh7-xmxr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19107","reference_id":"RHSA-2025:19107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19114","reference_id":"RHSA-2025:19114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19115","reference_id":"RHSA-2025:19115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19118","reference_id":"RHSA-2025:19118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19167","reference_id":"RHSA-2025:19167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19277","reference_id":"RHSA-2025:19277","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19398","reference_id":"RHSA-2025:19398","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19398"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19967","reference_id":"RHSA-2025:19967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20935","reference_id":"RHSA-2025:20935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21002","reference_id":"RHSA-2025:21002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21065","reference_id":"RHSA-2025:21065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21066","reference_id":"RHSA-2025:21066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21090","reference_id":"RHSA-2025:21090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21090"},{"reference_url":"https://usn.ubuntu.com/7845-1/","reference_id":"USN-7845-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7845-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129658?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129660?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129659?format=json","purl":"pkg:deb/debian/squid@7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2025-62168"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3w4-62ms-9ybz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91233?format=json","vulnerability_id":"VCID-t6es-ts47-7qfd","summary":"squid: denial of service in HTTP header parser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25617.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25617","reference_id":"","reference_type":"","scores":[{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.801","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264309","reference_id":"2264309","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264309"},{"reference_url":"https://github.com/squid-cache/squid/commit/72a3bbd5e431597c3fdb56d752bc56b010ba3817","reference_id":"72a3bbd5e431597c3fdb56d752bc56b010ba3817","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T18:04:53Z/"}],"url":"https://github.com/squid-cache/squid/commit/72a3bbd5e431597c3fdb56d752bc56b010ba3817"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-h5x6-w8mv-xfpr","reference_id":"GHSA-h5x6-w8mv-xfpr","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T18:04:53Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-h5x6-w8mv-xfpr"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240322-0006/","reference_id":"ntap-20240322-0006","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T18:04:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240322-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1062","reference_id":"RHSA-2024:1062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1066","reference_id":"RHSA-2024:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1184","reference_id":"RHSA-2024:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1375","reference_id":"RHSA-2024:1375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1376","reference_id":"RHSA-2024:1376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1787","reference_id":"RHSA-2024:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1832","reference_id":"RHSA-2024:1832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1833","reference_id":"RHSA-2024:1833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2777","reference_id":"RHSA-2024:2777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2777"},{"reference_url":"https://usn.ubuntu.com/6728-1/","reference_id":"USN-6728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-1/"},{"reference_url":"https://usn.ubuntu.com/6857-1/","reference_id":"USN-6857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6857-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2024-25617"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6es-ts47-7qfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101392?format=json","vulnerability_id":"VCID-t7px-3uvt-a3hn","summary":"HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted \"Range headers with unidentifiable byte-range values.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3609.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3609","reference_id":"","reference_type":"","scores":[{"value":"0.8285","scoring_system":"epss","scoring_elements":"0.99265","published_at":"2026-06-04T12:55:00Z"},{"value":"0.8285","scoring_system":"epss","scoring_elements":"0.99266","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1134209","reference_id":"1134209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1134209"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776194","reference_id":"776194","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1147","reference_id":"RHSA-2014:1147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1148","reference_id":"RHSA-2014:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1148"},{"reference_url":"https://usn.ubuntu.com/2327-1/","reference_id":"USN-2327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2327-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129596?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE9-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE9-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3609"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7px-3uvt-a3hn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101421?format=json","vulnerability_id":"VCID-tmvv-sp9e-pyc2","summary":"Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19132.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19132.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19132","reference_id":"","reference_type":"","scores":[{"value":"0.11349","scoring_system":"epss","scoring_elements":"0.93684","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11349","scoring_system":"epss","scoring_elements":"0.93693","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19132"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1645154","reference_id":"1645154","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1645154"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912294","reference_id":"912294","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912294"},{"reference_url":"https://usn.ubuntu.com/4059-1/","reference_id":"USN-4059-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4059-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129602?format=json","purl":"pkg:deb/debian/squid@4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19132"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tmvv-sp9e-pyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101371?format=json","vulnerability_id":"VCID-tngg-53p5-n3hc","summary":"squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0247.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0247","reference_id":"","reference_type":"","scores":[{"value":"0.43589","scoring_system":"epss","scoring_elements":"0.97585","published_at":"2026-06-04T12:55:00Z"},{"value":"0.43589","scoring_system":"epss","scoring_elements":"0.9759","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0247"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=222883","reference_id":"222883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=222883"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/29473.txt","reference_id":"CVE-2007-0247;OSVDB-39839","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/29473.txt"},{"reference_url":"https://www.securityfocus.com/bid/22079/info","reference_id":"CVE-2007-0247;OSVDB-39839","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/22079/info"},{"reference_url":"https://security.gentoo.org/glsa/200701-22","reference_id":"GLSA-200701-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200701-22"},{"reference_url":"https://usn.ubuntu.com/414-1/","reference_id":"USN-414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/414-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129582?format=json","purl":"pkg:deb/debian/squid@2.6.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.6.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0247"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tngg-53p5-n3hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101437?format=json","vulnerability_id":"VCID-tpkk-2gpk-yqg9","summary":"The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3688","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1803","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18111","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3688"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-3688"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tpkk-2gpk-yqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101384?format=json","vulnerability_id":"VCID-tqfm-fsxd-4udg","summary":"The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0639.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0639","reference_id":"","reference_type":"","scores":[{"value":"0.49372","scoring_system":"epss","scoring_elements":"0.97843","published_at":"2026-06-04T12:55:00Z"},{"value":"0.49372","scoring_system":"epss","scoring_elements":"0.97847","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0639"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=565426","reference_id":"565426","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=565426"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572553","reference_id":"572553","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572553"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"},{"reference_url":"https://usn.ubuntu.com/904-1/","reference_id":"USN-904-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/904-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129591?format=json","purl":"pkg:deb/debian/squid@2.7.STABLE8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.7.STABLE8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0639"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqfm-fsxd-4udg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101407?format=json","vulnerability_id":"VCID-tr27-d4mz-yydt","summary":"Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3948.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3948.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3948","reference_id":"","reference_type":"","scores":[{"value":"0.69622","scoring_system":"epss","scoring_elements":"0.98676","published_at":"2026-06-04T12:55:00Z"},{"value":"0.69622","scoring_system":"epss","scoring_elements":"0.98677","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323594","reference_id":"1323594","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323594"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2600","reference_id":"RHSA-2016:2600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2600"},{"reference_url":"https://usn.ubuntu.com/3557-1/","reference_id":"USN-3557-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3557-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-3948"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tr27-d4mz-yydt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101374?format=json","vulnerability_id":"VCID-ts68-9k9c-nbam","summary":"The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1560.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1560","reference_id":"","reference_type":"","scores":[{"value":"0.70551","scoring_system":"epss","scoring_elements":"0.9871","published_at":"2026-06-04T12:55:00Z"},{"value":"0.70551","scoring_system":"epss","scoring_elements":"0.98711","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618302","reference_id":"1618302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618302"},{"reference_url":"https://security.gentoo.org/glsa/200703-27","reference_id":"GLSA-200703-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200703-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0131","reference_id":"RHSA-2007:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0131"},{"reference_url":"https://usn.ubuntu.com/441-1/","reference_id":"USN-441-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/441-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129584?format=json","purl":"pkg:deb/debian/squid@2.6.5-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.6.5-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2007-1560"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ts68-9k9c-nbam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101342?format=json","vulnerability_id":"VCID-tssg-ugfw-duhk","summary":"The \"%xx\" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL (\"%00\") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0189.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0189.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0189","reference_id":"","reference_type":"","scores":[{"value":"0.02494","scoring_system":"epss","scoring_elements":"0.85593","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02494","scoring_system":"epss","scoring_elements":"0.85615","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617177","reference_id":"1617177","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617177"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23777.txt","reference_id":"CVE-2004-0189;OSVDB-5916","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23777.txt"},{"reference_url":"https://www.securityfocus.com/bid/9778/info","reference_id":"CVE-2004-0189;OSVDB-5916","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/9778/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:133","reference_id":"RHSA-2004:133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:134","reference_id":"RHSA-2004:134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129562?format=json","purl":"pkg:deb/debian/squid@2.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0189"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tssg-ugfw-duhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4099?format=json","vulnerability_id":"VCID-tx95-zybd-kfck","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12527.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12527","reference_id":"","reference_type":"","scores":[{"value":"0.1216","scoring_system":"epss","scoring_elements":"0.93954","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1216","scoring_system":"epss","scoring_elements":"0.93963","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730533","reference_id":"1730533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730533"},{"reference_url":"https://security.archlinux.org/ASA-201907-5","reference_id":"ASA-201907-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201907-5"},{"reference_url":"https://security.archlinux.org/AVG-1004","reference_id":"AVG-1004","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2593","reference_id":"RHSA-2019:2593","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2593"},{"reference_url":"https://usn.ubuntu.com/4065-1/","reference_id":"USN-4065-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4065-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12527"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tx95-zybd-kfck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101381?format=json","vulnerability_id":"VCID-u2fc-fqcr-rfgq","summary":"Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) \"missing or mismatched protocol identifier,\" (2) missing or negative status value,\" (3) \"missing version,\" or (4) \"missing or invalid status number,\" related to (a) HttpMsg.cc and (b) HttpReply.cc.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2622.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2622","reference_id":"","reference_type":"","scores":[{"value":"0.26189","scoring_system":"epss","scoring_elements":"0.96395","published_at":"2026-06-04T12:55:00Z"},{"value":"0.26189","scoring_system":"epss","scoring_elements":"0.964","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2622"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=514013","reference_id":"514013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=514013"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2622"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2fc-fqcr-rfgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101370?format=json","vulnerability_id":"VCID-u8gf-87r9-wfcu","summary":"Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3322","reference_id":"","reference_type":"","scores":[{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72619","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72659","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3322"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3322"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8gf-87r9-wfcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101430?format=json","vulnerability_id":"VCID-u9xe-qp75-j3by","summary":"An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12529.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12529","reference_id":"","reference_type":"","scores":[{"value":"0.17466","scoring_system":"epss","scoring_elements":"0.95198","published_at":"2026-06-04T12:55:00Z"},{"value":"0.17466","scoring_system":"epss","scoring_elements":"0.95205","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730528","reference_id":"1730528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4065-1/","reference_id":"USN-4065-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4065-1/"},{"reference_url":"https://usn.ubuntu.com/4065-2/","reference_id":"USN-4065-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4065-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9xe-qp75-j3by"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101362?format=json","vulnerability_id":"VCID-u9zn-mbvn-wqf6","summary":"Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0626.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0626","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25729","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25832","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0626"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617553","reference_id":"1617553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:415","reference_id":"RHSA-2005:415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:415"},{"reference_url":"https://usn.ubuntu.com/93-1/","reference_id":"USN-93-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/93-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129575?format=json","purl":"pkg:deb/debian/squid@2.5.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0626"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9zn-mbvn-wqf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101401?format=json","vulnerability_id":"VCID-uusw-t2an-subt","summary":"The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2390.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2390","reference_id":"","reference_type":"","scores":[{"value":"0.21283","scoring_system":"epss","scoring_elements":"0.9579","published_at":"2026-06-04T12:55:00Z"},{"value":"0.21283","scoring_system":"epss","scoring_elements":"0.95794","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2390"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1308865","reference_id":"1308865","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1308865"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2390"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uusw-t2an-subt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92204?format=json","vulnerability_id":"VCID-vjfh-zvm8-1bck","summary":"squid: denial of Service in FTP","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46848.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46848.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46848","reference_id":"","reference_type":"","scores":[{"value":"0.07162","scoring_system":"epss","scoring_elements":"0.91726","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46848"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055251","reference_id":"1055251","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055251"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245919","reference_id":"2245919","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6266","reference_id":"RHSA-2023:6266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6268","reference_id":"RHSA-2023:6268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6748","reference_id":"RHSA-2023:6748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6748"},{"reference_url":"https://usn.ubuntu.com/6500-1/","reference_id":"USN-6500-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46848"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjfh-zvm8-1bck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101452?format=json","vulnerability_id":"VCID-vq4z-dh63-dqcr","summary":"In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46784.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46784","reference_id":"","reference_type":"","scores":[{"value":"0.16362","scoring_system":"epss","scoring_elements":"0.9498","published_at":"2026-06-04T12:55:00Z"},{"value":"0.16362","scoring_system":"epss","scoring_elements":"0.94988","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2100721","reference_id":"2100721","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2100721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5526","reference_id":"RHSA-2022:5526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5527","reference_id":"RHSA-2022:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5528","reference_id":"RHSA-2022:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5529","reference_id":"RHSA-2022:5529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5530","reference_id":"RHSA-2022:5530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5542","reference_id":"RHSA-2022:5542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5542"},{"reference_url":"https://usn.ubuntu.com/5491-1/","reference_id":"USN-5491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129620?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129626?format=json","purl":"pkg:deb/debian/squid@5.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-46784"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vq4z-dh63-dqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101418?format=json","vulnerability_id":"VCID-vtfj-m8fv-67fz","summary":"The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000027","reference_id":"","reference_type":"","scores":[{"value":"0.65998","scoring_system":"epss","scoring_elements":"0.9853","published_at":"2026-06-04T12:55:00Z"},{"value":"0.65998","scoring_system":"epss","scoring_elements":"0.98533","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000027"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536942","reference_id":"1536942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1068","reference_id":"RHSA-2020:1068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1068"},{"reference_url":"https://usn.ubuntu.com/3557-1/","reference_id":"USN-3557-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3557-1/"},{"reference_url":"https://usn.ubuntu.com/4059-2/","reference_id":"USN-4059-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4059-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1000027"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtfj-m8fv-67fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92197?format=json","vulnerability_id":"VCID-vunj-31xk-9bcf","summary":"squid: Request/Response smuggling in HTTP/1.1 and ICAP","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46846.json","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46846","reference_id":"","reference_type":"","scores":[{"value":"0.09816","scoring_system":"epss","scoring_elements":"0.93123","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054537","reference_id":"1054537","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054537"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245910","reference_id":"2245910","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245910"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.1::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.1::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.1::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-46846","reference_id":"CVE-2023-46846","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-46846"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh","reference_id":"GHSA-j83v-w3p4-5cqh","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6266","reference_id":"RHSA-2023:6266","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6267","reference_id":"RHSA-2023:6267","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6268","reference_id":"RHSA-2023:6268","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6748","reference_id":"RHSA-2023:6748","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6801","reference_id":"RHSA-2023:6801","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6803","reference_id":"RHSA-2023:6803","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6804","reference_id":"RHSA-2023:6804","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6810","reference_id":"RHSA-2023:6810","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:6810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7213","reference_id":"RHSA-2023:7213","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11049","reference_id":"RHSA-2024:11049","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T21:18:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:11049"},{"reference_url":"https://usn.ubuntu.com/6500-1/","reference_id":"USN-6500-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6500-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129633?format=json","purl":"pkg:deb/debian/squid@6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46846"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vunj-31xk-9bcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101385?format=json","vulnerability_id":"VCID-wg99-dwxv-f3ft","summary":"The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3072.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3072.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3072","reference_id":"","reference_type":"","scores":[{"value":"0.72511","scoring_system":"epss","scoring_elements":"0.98784","published_at":"2026-06-04T12:55:00Z"},{"value":"0.72511","scoring_system":"epss","scoring_elements":"0.98785","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3072"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=630444","reference_id":"630444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=630444"},{"reference_url":"https://security.gentoo.org/glsa/201110-24","reference_id":"GLSA-201110-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0545","reference_id":"RHSA-2011:0545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3072"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wg99-dwxv-f3ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101443?format=json","vulnerability_id":"VCID-wgzx-2d4n-pub4","summary":"Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24606.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24606.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24606","reference_id":"","reference_type":"","scores":[{"value":"0.06342","scoring_system":"epss","scoring_elements":"0.91147","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06342","scoring_system":"epss","scoring_elements":"0.9116","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871705","reference_id":"1871705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871705"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968933","reference_id":"968933","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4082","reference_id":"RHSA-2020:4082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4743","reference_id":"RHSA-2020:4743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4743"},{"reference_url":"https://usn.ubuntu.com/4477-1/","reference_id":"USN-4477-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4477-1/"},{"reference_url":"https://usn.ubuntu.com/4551-1/","reference_id":"USN-4551-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4551-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129616?format=json","purl":"pkg:deb/debian/squid@4.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2020-24606"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgzx-2d4n-pub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101345?format=json","vulnerability_id":"VCID-wjb2-xee7-r3aj","summary":"The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0832.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0832.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0832","reference_id":"","reference_type":"","scores":[{"value":"0.12288","scoring_system":"epss","scoring_elements":"0.93994","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12288","scoring_system":"epss","scoring_elements":"0.94003","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617307","reference_id":"1617307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617307"},{"reference_url":"https://security.gentoo.org/glsa/200409-04","reference_id":"GLSA-200409-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200409-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:462","reference_id":"RHSA-2004:462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:462"},{"reference_url":"https://usn.ubuntu.com/19-1/","reference_id":"USN-19-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/19-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129564?format=json","purl":"pkg:deb/debian/squid@2.5.6-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.6-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0832"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjb2-xee7-r3aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101369?format=json","vulnerability_id":"VCID-wjz5-fn94-vuay","summary":"The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain \"odd\" responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3258.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3258.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3258","reference_id":"","reference_type":"","scores":[{"value":"0.24101","scoring_system":"epss","scoring_elements":"0.96165","published_at":"2026-06-04T12:55:00Z"},{"value":"0.24101","scoring_system":"epss","scoring_elements":"0.96171","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3258"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjz5-fn94-vuay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101356?format=json","vulnerability_id":"VCID-wnju-cy2b-ducs","summary":"Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0175.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0175.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0175","reference_id":"","reference_type":"","scores":[{"value":"0.77757","scoring_system":"epss","scoring_elements":"0.99015","published_at":"2026-06-04T12:55:00Z"},{"value":"0.77757","scoring_system":"epss","scoring_elements":"0.99016","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0175"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617480","reference_id":"1617480","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/77-1/","reference_id":"USN-77-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/77-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129570?format=json","purl":"pkg:deb/debian/squid@2.5.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0175"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wnju-cy2b-ducs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101349?format=json","vulnerability_id":"VCID-wsxk-va4y-1yej","summary":"The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference.  NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor's bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2654.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2654","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66675","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66715","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2654"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129568?format=json","purl":"pkg:deb/debian/squid@2.5.6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-2654"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wsxk-va4y-1yej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3186?format=json","vulnerability_id":"VCID-wtj6-hbvh-9qe4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41317.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41317","reference_id":"","reference_type":"","scores":[{"value":"0.0197","scoring_system":"epss","scoring_elements":"0.83884","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0197","scoring_system":"epss","scoring_elements":"0.83861","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41318"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/09/23/1","reference_id":"1","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:18:46Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/09/23/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020587","reference_id":"1020587","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129770","reference_id":"2129770","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129770"},{"reference_url":"https://security.archlinux.org/AVG-2816","reference_id":"AVG-2816","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2816"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq","reference_id":"GHSA-rcg9-7fqm-83mq","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:18:46Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq"},{"reference_url":"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_1.patch","reference_id":"SQUID-2022_1.patch","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:18:46Z/"}],"url":"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_1.patch"},{"reference_url":"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_1.patch","reference_id":"SQUID-2022_1.patch","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:18:46Z/"}],"url":"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_1.patch"},{"reference_url":"https://usn.ubuntu.com/5641-1/","reference_id":"USN-5641-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5641-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129629?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129628?format=json","purl":"pkg:deb/debian/squid@5.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2022-41317"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wtj6-hbvh-9qe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101399?format=json","vulnerability_id":"VCID-x2zt-6c9e-xuck","summary":"Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3455.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3455.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3455","reference_id":"","reference_type":"","scores":[{"value":"0.06474","scoring_system":"epss","scoring_elements":"0.9125","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06474","scoring_system":"epss","scoring_elements":"0.91263","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3455"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3455","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3455"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1218118","reference_id":"1218118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1218118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2378","reference_id":"RHSA-2015:2378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129589?format=json","purl":"pkg:deb/debian/squid@4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2015-3455"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2zt-6c9e-xuck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101415?format=json","vulnerability_id":"VCID-x6a1-9sht-uueb","summary":"client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4555.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4555.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4555","reference_id":"","reference_type":"","scores":[{"value":"0.62841","scoring_system":"epss","scoring_elements":"0.98404","published_at":"2026-06-04T12:55:00Z"},{"value":"0.62841","scoring_system":"epss","scoring_elements":"0.98407","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334246","reference_id":"1334246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334246"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1139","reference_id":"RHSA-2016:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1140","reference_id":"RHSA-2016:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1140"},{"reference_url":"https://usn.ubuntu.com/2995-1/","reference_id":"USN-2995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4555"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6a1-9sht-uueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91342?format=json","vulnerability_id":"VCID-xeks-5rpn-5fb4","summary":"squid: vulnerable to a Denial of Service attack against Cache Manager error responses","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23638.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23638.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-23638","reference_id":"","reference_type":"","scores":[{"value":"0.12145","scoring_system":"epss","scoring_elements":"0.9396","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2260051","reference_id":"2260051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2260051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4861","reference_id":"RHSA-2024:4861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9644","reference_id":"RHSA-2024:9644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9644"},{"reference_url":"https://usn.ubuntu.com/6728-1/","reference_id":"USN-6728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6728-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129632?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129646?format=json","purl":"pkg:deb/debian/squid@6.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2024-23638"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xeks-5rpn-5fb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101377?format=json","vulnerability_id":"VCID-xrsk-4r8v-xqh2","summary":"The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error.  NOTE: this issue is due to an incorrect fix for CVE-2007-6239.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1612.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1612.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1612","reference_id":"","reference_type":"","scores":[{"value":"0.13093","scoring_system":"epss","scoring_elements":"0.94242","published_at":"2026-06-04T12:55:00Z"},{"value":"0.13093","scoring_system":"epss","scoring_elements":"0.9425","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1612"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=439801","reference_id":"439801","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=439801"},{"reference_url":"https://security.gentoo.org/glsa/200903-38","reference_id":"GLSA-200903-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0214","reference_id":"RHSA-2008:0214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0214"},{"reference_url":"https://usn.ubuntu.com/601-1/","reference_id":"USN-601-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/601-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129586?format=json","purl":"pkg:deb/debian/squid@2.6.18-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2008-1612"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xrsk-4r8v-xqh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101360?format=json","vulnerability_id":"VCID-xz37-ydtt-juh5","summary":"Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0446.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0446.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0446","reference_id":"","reference_type":"","scores":[{"value":"0.65887","scoring_system":"epss","scoring_elements":"0.98526","published_at":"2026-06-04T12:55:00Z"},{"value":"0.65887","scoring_system":"epss","scoring_elements":"0.98529","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0446"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0446","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0446"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617523","reference_id":"1617523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:173","reference_id":"RHSA-2005:173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:201","reference_id":"RHSA-2005:201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:201"},{"reference_url":"https://usn.ubuntu.com/84-1/","reference_id":"USN-84-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/84-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129573?format=json","purl":"pkg:deb/debian/squid@2.5.8-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.8-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0446"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xz37-ydtt-juh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101353?format=json","vulnerability_id":"VCID-xzre-8mk2-gyfa","summary":"The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0097.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0097","reference_id":"","reference_type":"","scores":[{"value":"0.48277","scoring_system":"epss","scoring_elements":"0.97792","published_at":"2026-06-04T12:55:00Z"},{"value":"0.48277","scoring_system":"epss","scoring_elements":"0.97795","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617458","reference_id":"1617458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:060","reference_id":"RHSA-2005:060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:061","reference_id":"RHSA-2005:061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:061"},{"reference_url":"https://usn.ubuntu.com/67-1/","reference_id":"USN-67-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/67-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129569?format=json","purl":"pkg:deb/debian/squid@2.5.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0097"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzre-8mk2-gyfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101347?format=json","vulnerability_id":"VCID-y8s6-9ezw-e7a2","summary":"Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2479.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2479.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2479","reference_id":"","reference_type":"","scores":[{"value":"0.0103","scoring_system":"epss","scoring_elements":"0.77663","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0103","scoring_system":"epss","scoring_elements":"0.7769","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2479"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617425","reference_id":"1617425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:766","reference_id":"RHSA-2005:766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:766"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129566?format=json","purl":"pkg:deb/debian/squid@2.5.8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-2479"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8s6-9ezw-e7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5190?format=json","vulnerability_id":"VCID-yfe1-64pn-gbgc","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41611.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41611.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41611","reference_id":"","reference_type":"","scores":[{"value":"0.0112","scoring_system":"epss","scoring_elements":"0.78575","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0112","scoring_system":"epss","scoring_elements":"0.78602","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41611"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010685","reference_id":"2010685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010685"},{"reference_url":"https://security.archlinux.org/AVG-1667","reference_id":"AVG-1667","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1667"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129618?format=json","purl":"pkg:deb/debian/squid@5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2021-41611"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfe1-64pn-gbgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87764?format=json","vulnerability_id":"VCID-yhrb-q44p-c3bk","summary":"squid: Denial of Service processing ESI response content","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45802.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45802","reference_id":"","reference_type":"","scores":[{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76389","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45802"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322154","reference_id":"2322154","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322154"},{"reference_url":"https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj","reference_id":"GHSA-f975-v7qw-q7hj","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-28T14:47:34Z/"}],"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9624","reference_id":"RHSA-2024:9624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9625","reference_id":"RHSA-2024:9625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9644","reference_id":"RHSA-2024:9644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9677","reference_id":"RHSA-2024:9677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9678","reference_id":"RHSA-2024:9678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9729","reference_id":"RHSA-2024:9729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9738","reference_id":"RHSA-2024:9738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9813","reference_id":"RHSA-2024:9813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9814","reference_id":"RHSA-2024:9814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9815","reference_id":"RHSA-2024:9815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129652?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129656?format=json","purl":"pkg:deb/debian/squid@6.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2024-45802"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yhrb-q44p-c3bk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101402?format=json","vulnerability_id":"VCID-z9fz-nr3a-vqar","summary":"Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2569.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2569.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2569","reference_id":"","reference_type":"","scores":[{"value":"0.70316","scoring_system":"epss","scoring_elements":"0.98702","published_at":"2026-06-04T12:55:00Z"},{"value":"0.70316","scoring_system":"epss","scoring_elements":"0.98703","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2569"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312257","reference_id":"1312257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312257"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2600","reference_id":"RHSA-2016:2600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2600"},{"reference_url":"https://usn.ubuntu.com/3557-1/","reference_id":"USN-3557-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3557-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2569"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z9fz-nr3a-vqar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101343?format=json","vulnerability_id":"VCID-z9sc-3ube-abaq","summary":"Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password (\"pass\" variable).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0541.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0541","reference_id":"","reference_type":"","scores":[{"value":"0.76951","scoring_system":"epss","scoring_elements":"0.98977","published_at":"2026-06-04T12:55:00Z"},{"value":"0.76951","scoring_system":"epss","scoring_elements":"0.98978","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0541"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617226","reference_id":"1617226","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617226"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16847.rb","reference_id":"CVE-2004-0541;OSVDB-6791","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16847.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9951.rb","reference_id":"CVE-2004-0541;OSVDB-6791","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9951.rb"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:242","reference_id":"RHSA-2004:242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:242"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129563?format=json","purl":"pkg:deb/debian/squid@2.5.5-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@2.5.5-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0541"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z9sc-3ube-abaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101428?format=json","vulnerability_id":"VCID-ze1z-qhyc-8ygm","summary":"An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12525.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12525.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12525","reference_id":"","reference_type":"","scores":[{"value":"0.54551","scoring_system":"epss","scoring_elements":"0.98073","published_at":"2026-06-04T12:55:00Z"},{"value":"0.54551","scoring_system":"epss","scoring_elements":"0.98075","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13345"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730535","reference_id":"1730535","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2040","reference_id":"RHSA-2020:2040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2041","reference_id":"RHSA-2020:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2041"},{"reference_url":"https://usn.ubuntu.com/4065-1/","reference_id":"USN-4065-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4065-1/"},{"reference_url":"https://usn.ubuntu.com/4065-2/","reference_id":"USN-4065-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4065-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129604?format=json","purl":"pkg:deb/debian/squid@4.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12525"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze1z-qhyc-8ygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101389?format=json","vulnerability_id":"VCID-zq3z-pce4-5udp","summary":"Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4115.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4115","reference_id":"","reference_type":"","scores":[{"value":"0.75061","scoring_system":"epss","scoring_elements":"0.98893","published_at":"2026-06-04T12:55:00Z"},{"value":"0.75061","scoring_system":"epss","scoring_elements":"0.98895","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4115"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=983653","reference_id":"983653","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=983653"},{"reference_url":"https://security.gentoo.org/glsa/201309-22","reference_id":"GLSA-201309-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1148","reference_id":"RHSA-2014:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1148"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4115"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zq3z-pce4-5udp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101405?format=json","vulnerability_id":"VCID-ztr3-ygr2-ffbf","summary":"http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2572.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2572.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2572","reference_id":"","reference_type":"","scores":[{"value":"0.11159","scoring_system":"epss","scoring_elements":"0.93627","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11159","scoring_system":"epss","scoring_elements":"0.93637","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2572"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312262","reference_id":"1312262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312262"},{"reference_url":"https://security.gentoo.org/glsa/201607-01","reference_id":"GLSA-201607-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2600","reference_id":"RHSA-2016:2600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129559?format=json","purl":"pkg:deb/debian/squid@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129554?format=json","purl":"pkg:deb/debian/squid@4.13-10%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129552?format=json","purl":"pkg:deb/debian/squid@5.7-2%2Bdeb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-7sua-wuyu-cqby"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@5.7-2%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129556?format=json","purl":"pkg:deb/debian/squid@6.13-2%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tpw-u7cg-hqd7"},{"vulnerability":"VCID-pshb-b8z8-gqhm"},{"vulnerability":"VCID-qyjc-znbd-dub6"},{"vulnerability":"VCID-rv56-tjvg-bbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@6.13-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/129555?format=json","purl":"pkg:deb/debian/squid@7.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@7.5-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2572"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztr3-ygr2-ffbf"}],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid@4.13-10%252Bdeb11u3%3Fdistro=trixie"}