CNNVD-202510-2482 Information
CNNVD ID
CNNVD-202510-2482
Related CVE
- CNNVD Published: 2025-10-17
Description (Chinese)
Squid是Squid开源的一套代理服务器和Web缓存服务器软件。该软件提供缓存万维网、过滤流量、代理上网等功能。 Squid 7.2之前版本存在安全漏洞,该漏洞源于错误处理中未编辑HTTP身份验证凭据,可能导致信息泄露。
Description (English)
Squid is a proxy server for Squid and Web Cache Server software. The software provides access to the World Wide Web, filtering traffic, proxy access, etc. The previous version of Squid 7.2 had a security loophole, which stemmed from the unedited HTTP authentication certificate in error processing, which could lead to the disclosure of information.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Squid
Published
2025-10-17
Last Modified
2026-02-24
References
https://github.com/squid-cache/squid/commit/0951a0681011dfca3d78c84fd7f1e19c78a4443f https://github.com/squid-cache/squid/security/advisories/GHSA-c8cc-phh7-xmxr https://vigilance.fr/vulnerability/Squid-information-disclosure-via-Error-handling-48515
Patch
https://github.com/squid-cache/squid/releases
Share on: