{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32748", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T18:53:03.531Z", "datePublished": "2026-03-26T00:11:01.424Z", "dateUpdated": "2026-03-26T15:02:31.962Z"}, "containers": {"cna": {"title": "Squid has Denial of Service in ICP Response handling", "problemTypes": [{"descriptions": [{"cweId": "CWE-413", "lang": "en", "description": "CWE-413: Improper Resource Locking", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-416", "lang": "en", "description": "CWE-416: Use After Free", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-826", "lang": "en", "description": "CWE-826: Premature Release of Resource During Expected Lifetime", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0"}}], "references": [{"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"}, {"name": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b", "tags": ["x_refsource_MISC"], "url": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b"}], "affected": [{"vendor": "squid-cache", "product": "squid", "versions": [{"version": "< 7.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T00:11:01.424Z"}, "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5."}], "source": {"advisory": "GHSA-f9p7-3jqg-hhvq", "discovery": "UNKNOWN"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/25/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-26T00:24:52.135Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T14:19:13.990996Z", "id": "CVE-2026-32748", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T15:02:31.962Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/25/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-26T00:24:52.135Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32748", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T14:19:13.990996Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:19:38.262Z"}}], "cna": {"title": "Squid has Denial of Service in ICP Response handling", "source": {"advisory": "GHSA-f9p7-3jqg-hhvq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "squid-cache", "product": "squid", "versions": [{"status": "affected", "version": "< 7.5"}]}], "references": [{"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq", "name": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b", "name": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-413", "description": "CWE-413: Improper Resource Locking"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416: Use After Free"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-826", "description": "CWE-826: Premature Release of Resource During Expected Lifetime"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T00:11:01.424Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32748", "state": "PUBLISHED", "dateUpdated": "2026-03-26T15:02:31.962Z", "dateReserved": "2026-03-13T18:53:03.531Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T00:11:01.424Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F62FE66-3319-4718-BD42-B374264D81E8", "versionEndExcluding": "7.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5."}, {"lang": "es", "value": "Squid es un proxy de almacenamiento en cach\u00e9 para la Web. Antes de la versi\u00f3n 7.5, debido a la liberaci\u00f3n prematura de recursos durante la vida \u00fatil esperada y errores de uso despu\u00e9s de liberaci\u00f3n en el heap, Squid es vulnerable a denegaci\u00f3n de servicio al manejar tr\u00e1fico ICP. Este problema permite a un atacante remoto realizar un ataque de denegaci\u00f3n de servicio fiable y repetible contra el servicio Squid usando el protocolo ICP. Este ataque est\u00e1 limitado a despliegues de Squid que habilitan expl\u00edcitamente el soporte ICP (es decir, configurar un 'icp_port' distinto de cero). Este problema _no puede_ ser mitigado denegando consultas ICP usando reglas de 'icp_access'. Este error est\u00e1 corregido en la versi\u00f3n 7.5 de Squid."}], "id": "CVE-2026-32748", "lastModified": "2026-03-26T20:43:15.687", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-26T01:16:26.850", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory", "Mitigation"], "url": "http://www.openwall.com/lists/oss-security/2026/03/25/3"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-413"}, {"lang": "en", "value": "CWE-416"}, {"lang": "en", "value": "CWE-826"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "Squid: Squid: Denial of Service via crafted ICP traffic", "id": "2451577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451577"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-826", "details": ["A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP (Internet Cache Protocol) traffic. This can lead to a Denial of Service (DoS) due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments with explicitly enabled ICP support."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, ensure that ICP support is not explicitly enabled in the Squid configuration. This can be achieved by commenting out or setting `icp_port` to `0` in the `squid.conf` file. After modifying the configuration, the Squid service must be reloaded or restarted for the changes to take effect.\nExample:\n```\n# icp_port 3130\n```\nor\n```\nicp_port 0\n```\nWarning: Reloading or restarting the Squid service may temporarily interrupt proxy services."}, "name": "CVE-2026-32748", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "squid34", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "squid:4/squid", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "squid", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-26T00:11:01Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-32748\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-32748\nhttp://www.openwall.com/lists/oss-security/2026/03/25/3\nhttps://github.com/squid-cache/squid/commit/703e07d25ca6fa11f52d20bf0bb879e22ab7481b\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-f9p7-3jqg-hhvq"], "statement": "This Important flaw in Squid can lead to a Denial of Service when processing specially crafted Internet Cache Protocol (ICP) traffic. This vulnerability affects Red Hat products running Squid if ICP support is explicitly enabled by configuring a non-zero `icp_port`. Deployments where ICP is not enabled by default are not affected.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,7.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "squid", "source": "cna", "vendor": "squid-cache"}, "product": "squid", "vendor": "squid-cache"}], "analysis": {"en": {"generated_at": "2026-03-26T03:13:33.809629+00:00", "value": {"mitigation_remediation": ["Upgrade the Squid proxy to version 7.5 or later to eliminate the use\u2011after\u2011free bug.", "If an upgrade cannot be performed immediately, disable ICP by setting icp_port to 0 or removing it from the configuration file.", "As a precaution, restrict external access to the ICP port with firewall rules, although this does not fully mitigate the flaw.", "Confirm the patch or configuration change restores normal service operation and monitor logs for any remaining ICP traffic."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service via ICP protocol"}, "threat_synthesis": {"affected_systems": "All Squid versions prior to 7.5 that enable ICP support (icp_port set to a non\u2011zero value) are affected. This includes the standard Squid caching proxy delivered by the squidd-cache:squid product line.\n", "description_and_impact": "The vulnerability is a heap use\u2011after\u2011free in Squid\u2019s handling of ICP responses. When a remote host sends crafted ICP traffic, Squid releases memory prematurely, allowing an attacker to crash the proxy and force the service to stop. The attack does not compromise confidentiality or integrity; it simply disrupts availability of the caching proxy.\n", "risk_and_exploitability": "The CVSS v3.1 score of 8.7 classifies the issue as high severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. Attackers require network reach to the ICP port and can reliably trigger a DoS by repeatedly sending malicious ICP packets. The issue cannot be mitigated by icp_access rules alone; it must be addressed through patching or disabling ICP."}}}}, "created": "2026-03-26T11:31:00.351399+00:00", "updated": "2026-03-26T12:09:02.302721+00:00", "vendors": ["squid-cache", "squid-cache$PRODUCT$squid"]}