VDB

ALPINE-CVE-2019-13345

ALPINE-CVE-2019-13345 PUBLISHED CVSS 6.099999904632568 MEDIUM

The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.

Risk Scores

CVSS 3.0
6.099999904632568
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Alpine:v3.19squid0, 0, 2.7.6-r0
Alpine:v3.18squid0, 2.7.6-r0, 2.7.6-r1
Alpine:v3.23squid0, 0, 4.6-r1
Alpinesquid
Alpine:v3.12squid0, 2.7.6-r0, 2.7.6-r1
Alpine:v3.9squid3.5.6-r1, 0, 0
Alpine:v3.16squid3.2.2-r0, 3.2.0.19-r1, 3.2.0.19-r0
Alpine:v3.13squid3.5.19-r0, 2.7.6-r11, 2.7.6-r0
Alpine:v3.7squid2.7.6-r0, 2.7.6-r10, 2.7.6-r11
Alpine:v3.15squid3.2.0.19-r0, 3.2.0.18-r1, 3.2.0.18-r0
Alpine:v3.20squid3.5.2-r0, 3.5.2-r0, 3.5.28-r0
Alpine:v3.17squid0, 0, 4.6-r1
Alpine:v3.11squid2.7.7-r1, 0, 2.7.6-r0
Alpine:v3.10squid0, 0, 4.6-r1
Alpine:v3.14squid4.2-r1, 0, 0
Alpine:v3.24squid0, 0
Alpine:v3.22squid2.7.7-r1, 2.7.7-r2, 2.7.7-r3
Alpine:v3.8squid2.7.6-r3, 0, 3.5.8-r0
Alpine:v3.21squid0, 2.7.6-r1, 2.7.6-r10

Timeline

  • Jul 5, 2019 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 9, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›