82 matches found
squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling
A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP Internet Cache Protocol traffic. This allows them to perform a reliable and repeatable Denial of Service DoS attack, making the Squid service unavailable. This attack is limited to...
RHEL 7 : squid (RHSA-2026:8880)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:8880 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denia...
RLSA-2026:8317 Important: squid:4 security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 For...
Squid: Squid: Denial of Service via crafted ICP traffic
A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...
Important: squid:4 security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 For...
ALSA-2026:8317 Important: squid:4 security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 For...
squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling
A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP Internet Cache Protocol traffic. This allows them to perform a reliable and repeatable Denial of Service DoS attack, making the Squid service unavailable. This attack is limited to...
Squid: Squid: Denial of Service via crafted ICP traffic
A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...
squid security update
7:6.10-6.3 - Resolves: RHEL-160667 - squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 7:6.10-6.2 - Resolves: RHEL-160665 - squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable a...
ALSA-2026:8119 Important: squid security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 For...
Updated squid packages fix security vulnerabilities
Squid mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c. CVE-2025-59362 Squid vulnerable to information disclosure via authentication credential leakage in error handling. CVE-2025-62168 Squid vulnerable to Denial of Service in ICP Request handling...
squid34: Fix of 2 CVEs
CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...
CLSA-2026-1775209032 squid: Fix of 2 CVEs
CVE-2026-33515: fix validation of packet sizes and URLs in ICP - CVE-2026-33526: fix escaping malformed URI twice when sending ICP errors...
USN-8157-1: Squid vulnerabilities
It was discovered that Squid incorrectly handled certain ICP traffic. In environments where ICP support is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or obtain small amounts of sensitive information...
RockyLinux 9 : squid (RLSA-2026:6301)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6301 advisory. squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP...
RHEL 9 : squid (RHSA-2026:6301)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:6301 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denia...
CLSA-2026-1775210281 squid: Fix of CVE-2026-32748
CVE-2026-32748: fix HttpRequest lifetime for ICP v3 queries...
MiracleLinux 9 : squid-5.5-22.el9_7.4 (AXSA:2026-387:02)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-387:02 advisory. squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP...
CLSA-2026-1775062103 squid34: Fix of 2 CVEs
CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...