{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"Critical" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"squid security update", "category":"general", "title":"Synopsis" }, { "text":"An update for squid is now available for openEuler-24.03-LTS-SP3", "category":"general", "title":"Summary" }, { "text":"Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests.\n\nSecurity Fix(es):\n\nSquid is a widely used proxy caching server. Due to premature release of resources and heap Use-After-Free bugs during the handling of ICP (Internet Cache Protocol) traffic, Squid is vulnerable to Denial of Service. A remote attacker can cause the Squid service to crash by sending specially crafted ICP requests to a Squid instance with ICP support enabled, resulting in a reliable and repeatable Denial of Service attack. This vulnerability only affects Squid deployments that explicitly enable ICP support (i.e., configure a non-zero `icp_port`). It is important to note that this problem cannot be mitigated by denying ICP queries using `icp_access` rules.(CVE-2026-32748)\n\nSquid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.(CVE-2026-33515)\n\nSquid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.(CVE-2026-33526)", "category":"general", "title":"Description" }, { "text":"An update for squid is now available for openEuler-24.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"Critical", "category":"general", "title":"Severity" }, { "text":"squid", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2026-1797", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1797" }, { "summary":"CVE-2026-32748", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-32748&packageName=squid" }, { "summary":"CVE-2026-33515", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-33515&packageName=squid" }, { "summary":"CVE-2026-33526", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-33526&packageName=squid" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32748" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33515" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33526" }, { "summary":"openEuler-SA-2026-1797 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2026/csaf-openeuler-sa-2026-1797.json" } ], "title":"An update for squid is now available for openEuler-24.03-LTS-SP3", "tracking":{ "initial_release_date":"2026-04-03T20:35:43+08:00", "revision_history":[ { "date":"2026-04-03T20:35:43+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2026-04-03T20:35:43+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2026-04-03T20:35:43+08:00", "id":"openEuler-SA-2026-1797", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"openEuler-24.03-LTS-SP3", "name":"openEuler-24.03-LTS-SP3" }, "name":"openEuler-24.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-6.6-8.oe2403sp3.aarch64.rpm", "name":"squid-6.6-8.oe2403sp3.aarch64.rpm" }, "name":"squid-6.6-8.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-debuginfo-6.6-8.oe2403sp3.aarch64.rpm", "name":"squid-debuginfo-6.6-8.oe2403sp3.aarch64.rpm" }, "name":"squid-debuginfo-6.6-8.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-debugsource-6.6-8.oe2403sp3.aarch64.rpm", "name":"squid-debugsource-6.6-8.oe2403sp3.aarch64.rpm" }, "name":"squid-debugsource-6.6-8.oe2403sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-6.6-8.oe2403sp3.src.rpm", "name":"squid-6.6-8.oe2403sp3.src.rpm" }, "name":"squid-6.6-8.oe2403sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-6.6-8.oe2403sp3.x86_64.rpm", "name":"squid-6.6-8.oe2403sp3.x86_64.rpm" }, "name":"squid-6.6-8.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-debuginfo-6.6-8.oe2403sp3.x86_64.rpm", "name":"squid-debuginfo-6.6-8.oe2403sp3.x86_64.rpm" }, "name":"squid-debuginfo-6.6-8.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"squid-debugsource-6.6-8.oe2403sp3.x86_64.rpm", "name":"squid-debugsource-6.6-8.oe2403sp3.x86_64.rpm" }, "name":"squid-debugsource-6.6-8.oe2403sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-6.6-8.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-6.6-8.oe2403sp3.aarch64", "name":"squid-6.6-8.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-debuginfo-6.6-8.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-debuginfo-6.6-8.oe2403sp3.aarch64", "name":"squid-debuginfo-6.6-8.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-debugsource-6.6-8.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-debugsource-6.6-8.oe2403sp3.aarch64", "name":"squid-debugsource-6.6-8.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-6.6-8.oe2403sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-6.6-8.oe2403sp3.src", "name":"squid-6.6-8.oe2403sp3.src as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-6.6-8.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-6.6-8.oe2403sp3.x86_64", "name":"squid-6.6-8.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-debuginfo-6.6-8.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-debuginfo-6.6-8.oe2403sp3.x86_64", "name":"squid-debuginfo-6.6-8.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"squid-debugsource-6.6-8.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:squid-debugsource-6.6-8.oe2403sp3.x86_64", "name":"squid-debugsource-6.6-8.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2026-32748", "notes":[ { "text":"Squid is a widely used proxy caching server. Due to premature release of resources and heap Use-After-Free bugs during the handling of ICP (Internet Cache Protocol) traffic, Squid is vulnerable to Denial of Service. A remote attacker can cause the Squid service to crash by sending specially crafted ICP requests to a Squid instance with ICP support enabled, resulting in a reliable and repeatable Denial of Service attack. This vulnerability only affects Squid deployments that explicitly enable ICP support (i.e., configure a non-zero `icp_port`). It is important to note that this problem cannot be mitigated by denying ICP queries using `icp_access` rules.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP3:squid-6.6-8.oe2403sp3.aarch64", "openEuler-24.03-LTS-SP3:squid-debuginfo-6.6-8.oe2403sp3.aarch64", "openEuler-24.03-LTS-SP3:squid-debugsource-6.6-8.oe2403sp3.aarch64", "openEuler-24.03-LTS-SP3:squid-6.6-8.oe2403sp3.src", "openEuler-24.03-LTS-SP3:squid-6.6-8.oe2403sp3.x86_64", "openEuler-24.03-LTS-SP3:squid-debuginfo-6.6-8.oe2403sp3.x86_64", "openEuler-24.03-LTS-SP3:squid-debugsource-6.6-8.oe2403sp3.x86_64" ] }, "remediations":[ { "product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"}, "details":"squid security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1797" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":8.7, "vectorString":"CVSS:3.1/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version":"3.1" }, "products":{"$ref":"$.vulnerabilities[0].product_status.fixed"} } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2026-32748" }, { "cve":"CVE-2026-33515", "notes":[ { "text":"Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":{"$ref":"$.vulnerabilities[0].product_status.fixed"} }, "remediations":[ { "product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"}, "details":"squid security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1797" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.9, "vectorString":"CVSS:3.1/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N", "version":"3.1" }, "products":{"$ref":"$.vulnerabilities[0].product_status.fixed"} } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2026-33515" }, { "cve":"CVE-2026-33526", "notes":[ { "text":"Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":{"$ref":"$.vulnerabilities[0].product_status.fixed"} }, "remediations":[ { "product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"}, "details":"squid security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1797" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"CRITICAL", "baseScore":9.2, "vectorString":"CVSS:3.1/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "version":"3.1" }, "products":{"$ref":"$.vulnerabilities[0].product_status.fixed"} } ], "threats":[ { "details":"Critical", "category":"impact" } ], "title":"CVE-2026-33526" } ] }