CLSA-2026-1774874764

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1774874764.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1774874764
Upstream
Published
2026-03-31T08:46:19Z
Modified
2026-06-01T00:33:09.952613526Z
Summary
squid: Fix of 3 CVEs
Details
  • CVE-2026-33526: fix heap use-after-free due to double rfc1738_escape in ICP error handling
  • CVE-2026-33515: fix validation of ICP packet sizes and URLs to prevent out-of-bounds reads
  • CVE-2026-32748: fix HttpRequest use-after-free in ICP v3 query handling
References

Affected packages

TuxCare:CentOS:7 / squid

Package

Name
squid
Purl
pkg:rpm/tuxcare/squid?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:3.5.20-17.0.5.el7_9.99.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1774874764.json"

TuxCare:CentOS:7 / squid-migration-script

Package

Name
squid-migration-script
Purl
pkg:rpm/tuxcare/squid-migration-script?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:3.5.20-17.0.5.el7_9.99.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1774874764.json"

TuxCare:CentOS:7 / squid-sysvinit

Package

Name
squid-sysvinit
Purl
pkg:rpm/tuxcare/squid-sysvinit?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:3.5.20-17.0.5.el7_9.99.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1774874764.json"