Oracle Linux 8 ELSA-2025-19107 – Squid Info Disclosure (CVE-2025-62168)
Category:Advisory / Vulnerability
Oracle released an important advisory addressing CVE-2025-62168 in the Squid caching proxy component. The vulnerability allows remote attackers to access cached sensitive data under certain conditions. Patch packages for Oracle Linux 8 are now available to mitigate this flaw.
CORTEX Protocol Intelligence Assessment
Business Impact: Exposure risk for enterprises using Squid in proxy or caching configurations; potential leakage of internal or session data. Technical Context: The vulnerability allows unauthorized retrieval of cached content through crafted requests in unpatched Squid instances.
Strategic Intelligence Guidance
- Apply Oracle’s ELSA-2025-19107 patch immediately.
- Review proxy server configurations and disable caching of sensitive data.
- Conduct vulnerability scanning for Squid deployments.
- Establish patch automation workflows for ELSA advisories.
CVEs
Vendors
Targets
Intelligence Source: Oracle Linux 8 ELSA-2025-19107: squid important info disclosure | Oct 29, 2025