squid is vulnerable to information disclosure. The vulnerability exits due to inconsistent handling of internal URIs, which allows an attacker to gain access to cache manager information in the file system via bypassing the manager ACL protection.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-41317
www.squid-cache.org/Versions/v4/changesets/SQUID-2022_1.patch
www.squid-cache.org/Versions/v5/changesets/SQUID-2022_1.patch
bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-41317
bugzilla.suse.com/show_bug.cgi?id=CVE-2022-41317
github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq
security-tracker.debian.org/tracker/CVE-2022-41317
www.openwall.com/lists/oss-security/2022/09/23/1