CLSA-2025-1736503631

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1736503631.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1736503631
Upstream
Published
2025-01-10T10:07:18Z
Modified
2026-06-01T00:30:27.526530405Z
Summary
squid: Fix of 4 CVEs
Details
  • CVE-2023-49285: Fix Buffer Overread bug to prevent Denial of Service attack
  • CVE-2023-49286: Fix Incorrect Check of Function Return Value bug in Helper process management
  • CVE-2023-50269: Fix Uncontrolled Recursion bug in HTTP Request parsing by limiting X-Forwarded-For header size to prevent Denial of Service attack.
  • CVE-2024-25617: Fix Collapse of Data into Unsafe Value bug to prevent Denial of Service attack against HTTP header parsing
References

Affected packages

TuxCare:AlmaLinux:9.2 / squid

Package

Name
squid
Purl
pkg:rpm/tuxcare/squid?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:5.5-5.el9_2.1.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1736503631.json"