CNNVD-202508-074 Information

CNNVD ID

CNNVD-202508-074

Related CVE

CVE-2025-54574

• CNNVD Published: 2025-08-01

Description (Chinese)

Squid是Squid开源的一套代理服务器和Web缓存服务器软件。该软件提供缓存万维网、过滤流量、代理上网等功能。 Squid 6.3及之前版本存在安全漏洞，该漏洞源于处理URN时存在堆缓冲区溢出，可能导致远程代码执行。

Description (English)

Squid is a proxy server for Squid and Web Cache Server software. The software provides access to the World Wide Web, filtering traffic, proxy access, etc. Squid 6.3 and previous versions had a security loophole, which stemmed from the spilling of a stack of buffer zones during the processing of URLs, which could lead to remote code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Squid

Published

2025-08-01

Last Modified

2026-02-24

References

https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988 https://github.com/squid-cache/squid/releases/tag/SQUID_6_4 https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3 https://nvd.nist.gov/vuln/detail/CVE-2025-54574

Patch

https://github.com/squid-cache/squid/releases