A critical vulnerability with a staggering 29-year history has been discovered in the widely deployed Squid web proxy, threatening to expose sensitive user data in what researchers have dubbed "Squidbleed." This heap over-read flaw, which has existed undetected in Squid's codebase since 1997, represents a significant security risk for organizations worldwide, particularly those handling sensitive user traffic through proxy infrastructure.

The vulnerability enables attackers to intercept cleartext HTTP requests from other users traversing the same proxy. This means usernames, passwords, session tokens, and other sensitive information transmitted over unencrypted HTTP could be leaked to parties who are not authorized to see it but who already have permission to send traffic through the vulnerable proxy. Researchers at Calif.io, who identified and disclosed the flaw in June, traced its origins to a 1997 FTP-parsing modification that has persisted through countless updates and remains present even in current default configurations.

Organizations across virtually all sectors are potentially affected, as Squid remains one of the most popular proxy and caching servers globally. Any enterprise relying on Squid for web traffic management,