{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32748", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T18:53:03.531Z", "datePublished": "2026-03-26T00:11:01.424Z", "dateUpdated": "2026-03-26T15:02:31.962Z"}, "containers": {"cna": {"title": "Squid has Denial of Service in ICP Response handling", "problemTypes": [{"descriptions": [{"cweId": "CWE-413", "lang": "en", "description": "CWE-413: Improper Resource Locking", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-416", "lang": "en", "description": "CWE-416: Use After Free", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-826", "lang": "en", "description": "CWE-826: Premature Release of Resource During Expected Lifetime", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0"}}], "references": [{"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"}, {"name": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b", "tags": ["x_refsource_MISC"], "url": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b"}], "affected": [{"vendor": "squid-cache", "product": "squid", "versions": [{"version": "< 7.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T00:11:01.424Z"}, "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5."}], "source": {"advisory": "GHSA-f9p7-3jqg-hhvq", "discovery": "UNKNOWN"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/25/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-26T00:24:52.135Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T14:19:13.990996Z", "id": "CVE-2026-32748", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T15:02:31.962Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/25/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-26T00:24:52.135Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32748", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T14:19:13.990996Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:19:38.262Z"}}], "cna": {"title": "Squid has Denial of Service in ICP Response handling", "source": {"advisory": "GHSA-f9p7-3jqg-hhvq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "squid-cache", "product": "squid", "versions": [{"status": "affected", "version": "< 7.5"}]}], "references": [{"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq", "name": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b", "name": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-413", "description": "CWE-413: Improper Resource Locking"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416: Use After Free"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-826", "description": "CWE-826: Premature Release of Resource During Expected Lifetime"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T00:11:01.424Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32748", "state": "PUBLISHED", "dateUpdated": "2026-03-26T15:02:31.962Z", "dateReserved": "2026-03-13T18:53:03.531Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T00:11:01.424Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F62FE66-3319-4718-BD42-B374264D81E8", "versionEndExcluding": "7.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5."}, {"lang": "es", "value": "Squid es un proxy de almacenamiento en cach\u00e9 para la Web. Antes de la versi\u00f3n 7.5, debido a la liberaci\u00f3n prematura de recursos durante la vida \u00fatil esperada y errores de uso despu\u00e9s de liberaci\u00f3n en el heap, Squid es vulnerable a denegaci\u00f3n de servicio al manejar tr\u00e1fico ICP. Este problema permite a un atacante remoto realizar un ataque de denegaci\u00f3n de servicio fiable y repetible contra el servicio Squid usando el protocolo ICP. Este ataque est\u00e1 limitado a despliegues de Squid que habilitan expl\u00edcitamente el soporte ICP (es decir, configurar un 'icp_port' distinto de cero). Este problema _no puede_ ser mitigado denegando consultas ICP usando reglas de 'icp_access'. Este error est\u00e1 corregido en la versi\u00f3n 7.5 de Squid."}], "id": "CVE-2026-32748", "lastModified": "2026-03-26T20:43:15.687", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-26T01:16:26.850", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory", "Mitigation"], "url": "http://www.openwall.com/lists/oss-security/2026/03/25/3"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-413"}, {"lang": "en", "value": "CWE-416"}, {"lang": "en", "value": "CWE-826"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "Squid: Squid: Denial of Service via crafted ICP traffic", "id": "2451577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451577"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-826", "details": ["A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP (Internet Cache Protocol) traffic. This can lead to a Denial of Service (DoS) due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments with explicitly enabled ICP support."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, ensure that ICP support is not explicitly enabled in the Squid configuration. This can be achieved by commenting out or setting `icp_port` to `0` in the `squid.conf` file. After modifying the configuration, the Squid service must be reloaded or restarted for the changes to take effect.\nExample:\n```\n# icp_port 3130\n```\nor\n```\nicp_port 0\n```\nWarning: Reloading or restarting the Squid service may temporarily interrupt proxy services."}, "name": "CVE-2026-32748", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "squid34", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "squid:4/squid", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-26T00:11:01Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-32748\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-32748\nhttp://www.openwall.com/lists/oss-security/2026/03/25/3\nhttps://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"], "statement": "This Important flaw in Squid can lead to a Denial of Service when processing specially crafted Internet Cache Protocol (ICP) traffic. This vulnerability affects Red Hat products running Squid if ICP support is explicitly enabled by configuring a non-zero `icp_port`. Deployments where ICP is not enabled by default are not affected.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,7.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "squid", "source": "cna", "vendor": "squid-cache"}, "product": "squid", "vendor": "squid-cache"}], "analysis": {"en": {"generated_at": "2026-04-22T03:38:05.785890+00:00", "value": {"mitigation_remediation": ["Apply the official Squid update to version 7.5 or later, which patches the heap use\u2011after\u2011free flaw.", "If an update is not immediately feasible, restrict incoming ICP traffic to trusted hosts or drop the ICP service entirely by setting icp_port to zero, acknowledging that this is a temporary measure rather than a fix.", "Implement monitoring and automatic restart of the Squid service to reduce downtime caused by crashes, or configure an intrusion detection system to alert on anomalous ICP traffic."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Any installation of Squid older than version 7.5 that has ICP enabled (icp_port set to a non\u2011zero value). This includes typical server deployments that accept ICP queries for cache coordination. Clients interacting with such a proxy would experience service interruption once the vulnerable process terminates.", "description_and_impact": "Squid, a widely used web caching proxy, contains a heap use\u2011after\u2011free bug triggered during ICP response handling. The bug arises from premature release of resources before their intended lifetime, allowing remote attackers to send crafted ICP traffic and cause the service to crash or become unreachable. The impact is a complete denial of service to all users of the affected proxy.", "risk_and_exploitability": "The vulnerability scores 8.7 on the CVSS scale, indicating a high severity. The exploit probability according to EPSS is low at <1\u202f%, and the issue is not yet listed in the CISA Known Exploited Vulnerabilities catalog. Despite the limited probability, the attack vector is remote and straightforward: an adversary can trigger the crash by sending malformed ICP packets. Because the issue cannot be mitigated by access rules such as icp_access, the only definitive protection is to update the software."}}}}, "created": "2026-03-26T11:31:00.351399+00:00", "updated": "2026-04-22T03:45:06.976008+00:00", "vendors": ["squid-cache", "squid-cache$PRODUCT$squid"]}