Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:ebuild/net-proxy/squid@2.7.6
purl pkg:ebuild/net-proxy/squid@2.7.6
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-21hf-pjhc-gkek The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects. CVE-2007-6239
VCID-7t4c-w47k-qyc9 Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c. CVE-2009-0478
VCID-xrsk-4r8v-xqh2 The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239. CVE-2008-1612

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T19:10:03.107638+00:00 Gentoo Importer Fixing VCID-7t4c-w47k-qyc9 https://security.gentoo.org/glsa/200903-38 38.6.0
2026-06-04T19:10:03.091336+00:00 Gentoo Importer Fixing VCID-xrsk-4r8v-xqh2 https://security.gentoo.org/glsa/200903-38 38.6.0
2026-06-04T19:10:03.075431+00:00 Gentoo Importer Fixing VCID-21hf-pjhc-gkek https://security.gentoo.org/glsa/200903-38 38.6.0