{"id":"USN-4065-1","summary":"squid, squid3 vulnerabilities","details":"It was discovered that Squid incorrectly handled Digest authentication. A\nremote attacker could possibly use this issue to cause Squid to crash,\nresulting in a denial of service. (CVE-2019-12525)\n\nIt was discovered that Squid incorrectly handled Basic authentication. A\nremote attacker could use this issue to cause Squid to crash, resulting in\na denial of service, or possibly execute arbitrary code. This issue only\naffected Ubuntu 19.04. (CVE-2019-12527)\n\nIt was discovered that Squid incorrectly handled Basic authentication. A\nremote attacker could possibly use this issue to cause Squid to crash,\nresulting in a denial of service. (CVE-2019-12529)\n","modified":"2026-02-10T04:41:34Z","published":"2019-07-18T17:22:23Z","related":["UBUNTU-CVE-2019-12525","UBUNTU-CVE-2019-12529"],"upstream":["CVE-2019-12525","CVE-2019-12529","UBUNTU-CVE-2019-12525","UBUNTU-CVE-2019-12527","UBUNTU-CVE-2019-12529"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4065-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12525"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12527"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12529"}],"affected":[{"package":{"name":"squid3","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/squid3@3.5.12-1ubuntu7.8?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.12-1ubuntu7.8"}]}],"versions":["3.3.8-1ubuntu16","3.3.8-1ubuntu17","3.5.12-1ubuntu6","3.5.12-1ubuntu7","3.5.12-1ubuntu7.1","3.5.12-1ubuntu7.2","3.5.12-1ubuntu7.3","3.5.12-1ubuntu7.4","3.5.12-1ubuntu7.5","3.5.12-1ubuntu7.6","3.5.12-1ubuntu7.7"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"squid","binary_version":"3.5.12-1ubuntu7.8"},{"binary_name":"squid-cgi","binary_version":"3.5.12-1ubuntu7.8"},{"binary_name":"squid-common","binary_version":"3.5.12-1ubuntu7.8"},{"binary_name":"squid-purge","binary_version":"3.5.12-1ubuntu7.8"},{"binary_name":"squid3","binary_version":"3.5.12-1ubuntu7.8"},{"binary_name":"squidclient","binary_version":"3.5.12-1ubuntu7.8"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4065-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2019-12525","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2019-12529","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"squid3","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/squid3@3.5.27-1ubuntu1.3?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.27-1ubuntu1.3"}]}],"versions":["3.5.23-5ubuntu1","3.5.23-5ubuntu2","3.5.27-1ubuntu1","3.5.27-1ubuntu1.1","3.5.27-1ubuntu1.2"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"squid","binary_version":"3.5.27-1ubuntu1.3"},{"binary_name":"squid-cgi","binary_version":"3.5.27-1ubuntu1.3"},{"binary_name":"squid-common","binary_version":"3.5.27-1ubuntu1.3"},{"binary_name":"squid-purge","binary_version":"3.5.27-1ubuntu1.3"},{"binary_name":"squid3","binary_version":"3.5.27-1ubuntu1.3"},{"binary_name":"squidclient","binary_version":"3.5.27-1ubuntu1.3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4065-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2019-12525","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2019-12529","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.3"}