Description

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.

INFO

Published Date :

2025-08-01T18:02:19.117Z

Last Modified :

2025-08-01T18:43:46.346Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-54574 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-54574.

URL Resource
https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988 cve-icon cve-icon cve-icon
https://github.com/squid-cache/squid/releases/tag/SQUID_6_4 cve-icon cve-icon cve-icon
https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-54574 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-54574 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact