Lucene search
K

82 matches found

RedHat Linux
RedHat Linux
added 2026/03/31 8:9 p.m.3 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.2CVSS5.9AI score0.08942EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/31 8:9 p.m.2 views

squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling

A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP Internet Cache Protocol traffic. This allows them to perform a reliable and repeatable Denial of Service DoS attack, making the Squid service unavailable. This attack is limited to...

9.2CVSS5.8AI score0.08942EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/31 8:9 p.m.3 views

Squid: Squid: Denial of Service via crafted ICP traffic

A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...

8.7CVSS5.9AI score0.08931EPSS
Exploits0References7
OSV
OSV
added 2026/03/31 9:1 a.m.9 views

CLSA-2026-1774947708 squid: Fix of 3 CVEs

CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking sensitive information - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...

9.2CVSS5.8AI score0.08942EPSS
Exploits0References1
AlmaLinux
AlmaLinux
added 2026/03/31 12:0 a.m.7 views

Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 For...

9.2CVSS5.9AI score0.08942EPSS
Exploits0References6
OSV
OSV
added 2026/03/30 1:32 p.m.6 views

CLSA-2026-1774877548 squid: Fix of 3 CVEs

CVE-2026-33526: fix heap use-after-free due to double rfc1738escape in ICP error handling - CVE-2026-33515: fix validation of ICP packet sizes and URLs to prevent out-of-bounds reads - CVE-2026-32748: fix HttpRequest use-after-free in ICP v3 query handling...

9.2CVSS5.8AI score0.08942EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 12:39 p.m.9 views

CLSA-2026-1774874340 squid: Fix of 3 CVEs

CVE-2026-33526: fix heap use-after-free due to double rfc1738escape in ICP error handling - CVE-2026-33515: fix validation of ICP packet sizes and URLs to prevent out-of-bounds reads - CVE-2026-32748: fix HttpRequest use-after-free in ICP v3 query handling...

9.2CVSS5.8AI score0.08942EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 2:41 p.m.8 views

CLSA-2026-1774622460 squid: Fix of 3 CVEs

CVE-2025-59362: fix ASN.1 encoding of long SNMP OIDs - CVE-2026-33526: do not escape malformed URI twice when sending ICP errors - CVE-2026-33515: fix validation of ICP packet sizes and URLs...

9.2CVSS5.8AI score0.08942EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2026/03/27 8:1 a.m.6 views

Squid has Denial of Service in ICP Response handling

...

8.7CVSS5.8AI score0.08931EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/27 8:1 a.m.3 views

Squid has issues in ICP message handling

...

6.9CVSS5.8AI score0.01039EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/27 8:1 a.m.2 views

Squid vulnerable to Denial of Service in ICP Request handling

...

9.2CVSS5.8AI score0.08942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.5 views

Squid < 7.5 Multiple Vulnerabilities

The version of Squid on the remote host is prior to 7.5. It is, therefore, affected by multiple vulnerabilities: - Due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This attack is limited to Squid deployments that explicitly enable ICP support...

9.2CVSS6AI score0.08942EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 5:17 a.m.4 views

CVE-2026-33515

A flaw was found in Squid, a caching proxy for the Web. Due to improper input validation, Squid is vulnerable to an out-of-bounds read when handling Internet Cache Protocol ICP traffic. A remote attacker can exploit this by sending invalid ICP requests, potentially receiving small amounts of memo...

6.9CVSS5.8AI score0.01039EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/03/26 5:17 a.m.4 views

CVE-2026-33526

A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP Internet Cache Protocol traffic. This allows them to perform a reliable and repeatable Denial of Service DoS attack, making the Squid service unavailable. This attack is limited to...

9.2CVSS5.8AI score0.08942EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 5:17 a.m.6 views

CVE-2026-32748

A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...

8.7CVSS5.8AI score0.08931EPSS
Exploits0References6
NVD
NVD
added 2026/03/26 1:16 a.m.2 views

CVE-2026-33515

Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding...

6.9CVSS0.01039EPSS
Exploits0References5
NVD
NVD
added 2026/03/26 1:16 a.m.2 views

CVE-2026-33526

Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP...

9.2CVSS0.08942EPSS
Exploits0References18
NVD
NVD
added 2026/03/26 1:16 a.m.4 views

CVE-2026-32748

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable...

8.7CVSS0.08931EPSS
Exploits0References18
OSV
OSV
added 2026/03/26 1:16 a.m.5 views

DEBIAN-CVE-2026-32748

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable...

7.5CVSS5.4AI score0.08931EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 1:16 a.m.3 views

UBUNTU-CVE-2026-33526

Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP...

9.2CVSS5.8AI score0.08942EPSS
Exploits0References4
Rows per page
Query Builder