[squid-users] Squid Vulnerabilities
Alexandru Mateescu
alexandru.mateescu at retailinmotion.com
Mon Aug 26 06:23:09 UTC 2024
Internal
Hi all
In October 2023 the free vulnerabilities scanner of Greenbone (Openvas) has started reporting high vulnerabilities on squid for all versions.
When I questioned them about it they indicated https://megamansec.github.io/Squid-Security-Audit/ as their source of truth and to date they have not reduced the score of the vulnerability causing extensive issues for me and my security team.
I further asked them about it and they are looking for a published list of security advisories about these vulnerabilities.
Would it be possible to issue such a list for whichever ones are fixed to date in squid 6.10 so maybe they can lower that vulnerability score?
Regards
Alex Mateescu
The information contained in this email transmission is confidential and may be privileged. It is intended only for the addressee(s) stated above. If you are not an addressee, any use, dissemination, distribution, publication or copying of the information contained in this email is strictly prohibited. It is your responsibility to scan this email and any attachments for viruses. If you have received this email in error, please immediately notify us at infosec at retailinmotion.com<mailto:infosec at retailinmotion.com> and delete the email from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20240826/60a1479d/attachment.htm>
More information about the squid-users
mailing list