Astra Linux - уязвимость в squid

A issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, sensitive information about clients using the proxy may be exposed through an HTTPS request to an internal cache manager URL. This issue has been fixed in version 5.7...

Astra Linux - уязвимость в squid

SQUID is vulnerable to HTTP request smuggling, which is caused by the laxity of the chunked decoder. This allows a remote attacker to perform Request/Response smuggling beyond the firewall and frontend security systems...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web. Due to a bug related to expired pointer references, Squid versions prior to 6.6 were vulnerable to a Denial of Service attack targeting error responses from the Cache Manager. This vulnerability allowed a trusted client to cause a Denial of Service attack by...

Astra Linux - уязвимость в squid

Squid is an open-source caching proxy for the web, supporting HTTP, HTTPS, FTP, and other protocols. Due to a bug related to collapsing data into unsafe values, Squid may be vulnerable to Denial of Service attacks involving HTTP header parsing. This issue allows a remote client or server to cause...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a buffer-management bug, it allows for a denial of service. When resolving a request using the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy through HTTP Range request processing...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. An integer overflow problem allows a remote server to cause a Denial of Service when delivering responses to HTTP Range requests. The issue is triggered by a header that is expected to exist in HTTP traffic, withou...

Astra Linux - уязвимость в squid

In versions 4.14 and 5.x through 5.0.5, in some configurations, the Squid vulnerability allows information disclosure due to an out-of-bounds read in the WCCP protocol data. This vulnerability can be exploited as part of a chain for remote code execution, as there is no one to stop such attacks...

Astra Linux – Vulnerability in Squid

A vulnerability was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. Due to incorrect parser validation, this vulnerability allows for a Denial of Service attack against the Cache Manager API. This enables a trusted client to trigger memory leaks, which over time can lead to...

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid 4.x before 4.15, and in 5.x before 5.0.6. If a remote server sends a certain response header via HTTP or HTTPS, it can lead to a denial of service. This header can potentially appear in legitimate network traffic...

Astra Linux – Vulnerability in Squid

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, a Denial of Service can occur when processing long Gopher server responses due to improper buffer management...

RHEL 10 : squid (RHSA-2026:8119)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:8119 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Deni...

MiracleLinux 8 : squid:4 (AXSA:2025-11003:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11003:01 advisory. squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling CVE-2025-62168 Tenable has extracted the...

MiracleLinux 7 : squid-3.5.20-17.el7.8 (AXSA:2022-3878:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3878:02 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : squid34-3.4.14-9.AXS4.4 (AXSA:2017-1278:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-1278:01 advisory. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid...

MiracleLinux 7 : squid-3.5.20-17.0.5.99.0.2.el7.AXS7 (AXSA:2025-11536:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11536:06 advisory. CVE-2025-62168: fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure emailerrdata directive now default...

PT-2026-28159

Name of the Vulnerable Software and Affected Versions Squid versions prior to 7.5 Description Squid is a caching proxy for the Web. Versions prior to 7.5 are susceptible to a Denial of Service when handling ICP traffic due to premature resource release and heap Use-After-Free bugs. A remote...

TencentOS Server 2: squid (TSSA-2023:0268)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0268 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0170: squid:4 (ALINUX3-SA-2025:0170)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0170 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-62168: Squid is a caching proxy for the We...

RHEL 8 : squid:4 (RHSA-2025:21090)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21090 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid-cache: Squid vulnerab...