6123 matches found
TencentOS Server 2: squid (TSSA-2026:0280)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0280 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: squid (UTSA-2026-016517)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016517 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Deni...
[SECURITY] Fedora 43 Update: squid-7.5-1.fc43
Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...
[SECURITY] Fedora 44 Update: squid-7.5-1.fc44
Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...
Fedora 43 : squid (2026-e6a4814a4d)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e6a4814a4d advisory. - new version 7.5 - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
Fedora 44 : squid (2026-c0590bd498)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c0590bd498 advisory. - new version 7.5 - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
CLSA-2026-1777544744 squid: Fix of CVE-2023-49288
CVE-2023-49288: fix use-after-free in storeclient lifetime by locking StoreEntry for the duration of the storeclient object...
RHSA-2026:11901 Red Hat Security Advisory: squid security update
Bulletin has no description...
CLSA-2026-1777539711 squid: Fix of CVE-2023-49288
CVE-2023-49288: fix use-after-free in storeclient lifetime by locking StoreEntry for the duration of the storeclient object...
RHEL 10 : squid (RHSA-2026:11901)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:11901 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid:...
Squid: Squid: Denial of Service via crafted ICP traffic
A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...
squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling
A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP Internet Cache Protocol traffic. This allows them to perform a reliable and repeatable Denial of Service DoS attack, making the Squid service unavailable. This attack is limited to...
Important: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
squid: Fix of 3 CVEs
CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...
CLSA-2026-1777384121 squid: Fix of 3 CVEs
CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...
RHEL 9 : squid (RHSA-2026:10255)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:10255 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Deni...
CLSA-2026-1776878817 squid: Fix of 13 CVEs
CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...
[SECURITY] Fedora 44 Update: tinyproxy-1.11.2-7.fc44
tinyproxy is a small, efficient HTTP/SSL proxy daemon that is very useful in a small network setting, where a larger proxy like Squid would either be too resource intensive, or a security risk...
Friday Squid Blogging: How Squid Survived Extinction Events
Science news: Scientists have finally cracked a long-standing mystery about squid and cuttlefish evolution by analyzing newly sequenced genomes alongside global datasets. The research reveals that these bizarre, intelligent creatures likely originated deep in the ocean over 100 million years ago,...
CLSA-2026-1777054556 squid: Fix of 2 CVEs
CVE-2022-41317: fix exposure of sensitive cache manager information via non-HTTP URI schemes due to typo in default manager ACL regex - CVE-2023-49288: fix use-after-free in StoreEntry::startWriting reachable via oversized replies with collapsedforwarding enabled...