CVE-2025-54574
Published: 2025-08-01
Priority: P277 · critical · 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 23.46% (97.5th percentile)
Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 5.7-2+deb12u3 (bookworm) | squid 5.7-2+deb12u3 (bookworm) |
| squid-cache | squid | < 6.4 | 6.4 |
| squid | squid | >= 0 < 4.13-10+deb11u5 | 4.13-10+deb11u5 |
| squid | squid | >= 0 < 5.7-2+deb12u3 | 5.7-2+deb12u3 |
| squid | squid | >= 0 < 6.5-1 | 6.5-1 |
| squid | squid | >= 0 < 6.5-1 | 6.5-1 |
Detection & IOCs (extracted from sources)
- Vulnerability is triggered during URN (Uniform Resource Name) processing in Squid's core request-handling path: monitor or block URN-scheme requests to Squid proxy instances.
- Heap-based buffer overflow occurs specifically in the URN processing code path; focus memory/crash analysis and exploit detection on URN request handling within Squid.
- Workaround: disable URN access permissions in Squid configuration to prevent exploitation until patching is possible.
- Affected versions are Squid 6.3 and below; fixed in Squid 6.4 (upstream) and Debian-specific fixed versions: bookworm 5.7-2+deb12u3, bullseye 4.13-10+deb11u5, forky/sid/trixie 6.5-1.
- Red Hat Enterprise Linux 10 squid package is listed as Not Affected; RHEL 6 packages (squid, squid34) are out of support scope.
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| osv | 9.8 | CRITICAL | |
| vendor_debian | 9.3 | CRITICAL | |
| vendor_redhat | 9.3 | CRITICAL | |
OSV
CVE-2025-54574: Squid is a caching proxy for the Web
osv · 2025-08-01 · CVSS 9.8 · CRITICAL
Red Hat
squid-cache: Squid Buffer Overflow
vendor_redhat · 2025-08-01 · CVSS 9.3 · CRITICAL · CWE-122 (Heap-based Buffer Overflow)
A heap-based buffer overflow flaw was found in the Squid caching proxy. When processing Uniform Resource Names (URNs), specific conditions can lead to remote code execution.
Statement: This vulnerability is Important because the heap-based buffer overflow occurs during URN processing in Squid’s core request-handling path, which is exposed to untrusted, remote input. Unlike flaws that merely cause a service crash, this defect allows an attacker to mani
Debian
CVE-2025-54574: squid - Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulner...
vendor_debian · 2025 · CVSS 9.3 · CRITICAL
Scope: local
bookworm: resolved (fixed in 5.7-2+deb12u3)
bullseye: resolved (fixed in 4.13-10+deb11u5)
forky: resolved (fixed in 6.5-1)
sid: resolved (fixed in 6.5-1)
trixie: resolved (fixed in 6.5-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988
- https://github.com/squid-cache/squid/releases/tag/SQUID_6_4
- https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3
- http://www.openwall.com/lists/oss-security/2025/11/05/5
- https://lists.debian.org/debian-lts-announce/2025/09/msg00027.html