AZL-66075

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-66075.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-66075

Upstream

CVE-2025-54574

Published

2025-08-01T18:15:55Z

Modified

2026-04-01T05:20:41.592271Z

Summary

CVE-2025-54574 affecting package squid 5.7-5

Details

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-54574

Affected packages

Azure Linux:2 / squid

Package

Name: squid
Purl: pkg:rpm/azure-linux/squid

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.7-5

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-66075.json"