CVE-2025-54574 Information
Aug 02, 2025
cve
Description
Squid is a caching proxy for the Web. In versions 6.3 and below Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue disable URN access permissions.
Reference
https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988 https://github.com/squid-cache/squid/releases/tag/SQUID_6_4 https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3
Related CNNVD
CNNVD-202508-074 (Published: 2025-08-01)
Share on: