Vulnerability - CVE-2025-59362

Name

CVE-2025-59362

Source

NVD ( link)Debian ( link)

Description

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.

CWEs

CWE-121

Published Date

Sep 26, 2025

Updated Date

Jun 17, 2026

Workaround

Advisories

https://github.com/Microsvuln/advisories/blob/main/CVE-2025-59362/CVE-2025-59362.mdExploit

https://github.com/squid-cache/squid/pull/2149Issue Tracking

Analysis#

Affected Component

Analysis

squid

Exploitable

Vulnerability Ratings#

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

squid

buildroot

2025.02.x

6.14

Patched

squid

buildroot

master

7.6

Not Affected

squid

openwrt

openwrt-25.12

7.1-r1

Exploitable

squid

yocto

kirkstone

4.17

Exploitable

squid

yocto

master

7.5

Not Affected

squid

yocto

scarthgap

6.14

Exploitable

Resolved with patches#

squid (buildroot:2025.02.x)

Title

Author

Resolve

Fix ASN.1 encoding of long SNMP OIDs (#2149)

Alex Rousskov <rousskov@measurement-factory.com>

CVE-2025-59362