Debian 11: Critical Info Disclosure & ASN Encoding Bugs DLA-4369-1

Debian LTS
November 11, 2025
Multiple vulnerabilities discovered in Squid impact Debian LTS system security; CVE-2025-59362 causes information leaks.
Squid, a popular proxy server, was affected by multiple vulnerabilities, among them CVE-2025-59362.

Summary

CVE-2025-59362

Squid mishandles ASN.1 encoding of long SNMP OIDs. This occurs in
asn_build_objid in lib/snmplib/asn1.c.

CVE-2025-62168

A failure to redact HTTP authentication credentials in error
handling allows information disclosure. The vulnerability allows a
script to bypass browser security protections and learn the
credentials a trusted client uses to authenticate.
This potentially allows a remote client to identify security tokens
or credentials used internally by a web application using Squid for
backend load balancing. These attacks do not require Squid to
be configured with HTTP authentication.

For Debian 11 bullseye, these problems have been fixed in version
4.13-10+deb11u6.

We recommend that you upgrade your squid packages.

For the detailed security status of squid please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/squid

Further information about Debian LTS security advisories, how to apply


Severity: important

Package: squid
Version: 4.13-10+deb11u6
CVE ID: CVE-2025-59362, CVE-2025-62168
Debian Bug: 1117048, 1118341
