CLSA-2026-1774877548

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774877548.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1774877548
Upstream
Published
2026-03-30T13:32:32Z
Modified
2026-06-01T00:33:28.191419714Z
Summary
squid: Fix of 3 CVEs
Details
  • CVE-2026-33526: fix heap use-after-free due to double rfc1738_escape in ICP error handling
  • CVE-2026-33515: fix validation of ICP packet sizes and URLs to prevent out-of-bounds reads
  • CVE-2026-32748: fix HttpRequest use-after-free in ICP v3 query handling
References

Affected packages

TuxCare:RHEL:7 / squid

Package

Name
squid
Purl
pkg:rpm/tuxcare/squid?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:3.5.20-17.0.5.el7_9.99.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774877548.json"

TuxCare:RHEL:7 / squid-migration-script

Package

Name
squid-migration-script
Purl
pkg:rpm/tuxcare/squid-migration-script?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:3.5.20-17.0.5.el7_9.99.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774877548.json"

TuxCare:RHEL:7 / squid-sysvinit

Package

Name
squid-sysvinit
Purl
pkg:rpm/tuxcare/squid-sysvinit?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:3.5.20-17.0.5.el7_9.99.tuxcare.els4

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774877548.json"