CLSA-2026-1777054556 squid: Fix of 2 CVEs

CVE-2022-41317: fix exposure of sensitive cache manager information via non-HTTP URI schemes due to typo in default manager ACL regex - CVE-2023-49288: fix use-after-free in StoreEntry::startWriting reachable via oversized replies with collapsedforwarding enabled...

CLSA-2025-1761844638 Fix CVE(s): CVE-2023-49288, CVE-2023-5824

SECURITY UPDATE: excessive cached HTTP response header size causing worker process stall or crash - debian/patches/CVE-2023-5824.patch: Refactor serialized HTTP response header handling to prevent cache flow - CVE-2023-5824 SECURITY UPDATE: Use-After-Free in the HTTP Collapsed Forwarding Feature ...

EUVD-2023-53281

Malicious code in bioql PyPI...

CVE-2011-10018

myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of...

CLSA-2025-1741034026 squid: Fix of CVE-2023-49288

CVE-2023-49288: fix Denial of Service in HTTP Collapsed Forwarding...

Mageia: Security Advisory (MGASA-2024-0126)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0126 Updated squid packages fix security vulnerabilities

Affected versions of squid are subject to a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsedforwarding on" are vulnerable. Configurations with "collapsedforwarding off" or...

USN-6728-1 squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-49288 Joshua Rogers discovered that Squ...

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...

squid: Use-After-Free in the HTTP Collapsed Forwarding Feature

A flaw was found in Squid. The use of the HTTP Collapsed Forwarding configuration may allow an attacker to perform a denial of service remotely...

SUSE CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

CVE-2023-49288

A flaw was found in Squid. The use of the HTTP Collapsed Forwarding configuration may allow an attacker to perform a denial of service remotely. Mitigation To mitigate this issue, lines for the 'collapsedforwarding' feature have to be removed from your squid.conf...

CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

DEBIAN-CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

AZL-32073 CVE-2023-49288 affecting package squid 5.7-5

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

Design/Logic Flaw

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

UBUNTU-CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

CVE-2023-49288 Denial of Service in HTTP Collapsed Forwarding in Squid

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...