CLSA-2026-1775724625

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1775724625
Upstream
Published
2026-04-09T08:50:29Z
Modified
2026-06-04T09:46:56.562053876Z
Summary
Fix CVE(s): CVE-2026-32748, CVE-2026-33526
Details
  • SECURITY UPDATE: denial of service via use-after-free in ICP
    • debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738_escape call in icpGetRequest that invalidated the previously escaped URL pointer
    • CVE-2026-33526
  • SECURITY UPDATE: denial of service via use-after-free in ICP request handling
    • debian/patches/CVE-2026-32748.patch: return HttpRequestPointer and move icpAccessAllowed into icpGetRequest to fix HttpRequest lifetime for ICP v3 queries
    • CVE-2026-32748
References

Affected packages

TuxCare:Ubuntu:16.04
squid

Package

Name
squid
Purl
pkg:deb/tuxcare/squid?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-1ubuntu7.17+tuxcare.els13

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json"
squid-cgi

Package

Name
squid-cgi
Purl
pkg:deb/tuxcare/squid-cgi?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-1ubuntu7.17+tuxcare.els13

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json"
squid-common

Package

Name
squid-common
Purl
pkg:deb/tuxcare/squid-common?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-1ubuntu7.17+tuxcare.els13

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json"
squid-purge

Package

Name
squid-purge
Purl
pkg:deb/tuxcare/squid-purge?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-1ubuntu7.17+tuxcare.els13

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json"
squid3

Package

Name
squid3
Purl
pkg:deb/tuxcare/squid3?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-1ubuntu7.17+tuxcare.els13

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json"
squidclient

Package

Name
squidclient
Purl
pkg:deb/tuxcare/squidclient?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-1ubuntu7.17+tuxcare.els13

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775724625.json"