CLSA-2026-1777054556

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777054556.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1777054556
Upstream
Published
2026-04-24T18:16:01Z
Modified
2026-06-01T00:32:48.698794270Z
Summary
squid: Fix of 2 CVEs
Details
  • CVE-2022-41317: fix exposure of sensitive cache manager information via non-HTTP URI schemes due to typo in default manager ACL regex
  • CVE-2023-49288: fix use-after-free in StoreEntry::startWriting() reachable via oversized replies with collapsed_forwarding enabled
References

Affected packages

TuxCare:AlmaLinux:9.6 / squid

Package

Name
squid
Purl
pkg:rpm/tuxcare/squid?distro=almalinux-9.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:5.5-19.el9_6.1.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777054556.json"