MGASA-2019-0265 — Vulnetix

MGASA-2019-0265 PUBLISHED CVSS 9.300000190734863 CRITICAL

Updated squid packages fix security vulnerabilities: It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service (CVE-2019-12525). It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service (CVE-2019-12529). It was discovered that Squid incorrectly handled the cachemgr.cgi web module. A remote attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks (CVE-2019-13345).

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Mageia:6	squid	0, 0

Timeline

Sep 12, 2019 CVE Published
Apr 16, 2026 CVE Updated

References

https://advisories.mageia.org/MGASA-2019-0265.html advisory
https://bugs.mageia.org/show_bug.cgi?id=25110 report
https://usn.ubuntu.com/4059-1/ advisory
https://usn.ubuntu.com/4065-1/ advisory

Open in Interactive Console →