Squid’s URN Handling can lead to Buffer Overflow

CVE Details

Basic Information

Title Squid’s URN Handling can lead to Buffer Overflow
Type cve
Published 2025-08-01T18:02:19.117Z
Modified 2025-08-01T18:43:46.346Z

Product Information

Vendor squid-cache
Product squid
Version < 6.4

CVSS Information

Base Score 9.3 (CRITICAL)
Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H

Affected Products

  • squid-cache squid < 6.4

Additional Information

CWE List CWE-122
Source GitHub_M

Description

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow, and possibly remote code execution, when processing URNs, due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.
