HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-49286

CVSS 8.6v3.1pub. 2023-12-04upd. 2024-11-21

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Squid Cache Squid

    APP
    Squid-Cache
    ≤ 6.4
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2026-33526CRITICAL9.2PL ✓ten sam produkt

Squid: Use-After-Free w obsłudze ruchu ICP umożliwia atak DoS

CVE-2025-62168CRITICAL10.0PL ✓ten sam produkt

Squid: ujawnienie danych uwierzytelniających HTTP przez błędy obsługi

CVE-2025-54574CRITICAL9.3PL ✓ten sam produkt

Heap buffer overflow w Squid podczas przetwarzania URN – możliwy RCE

CVE-2023-46846CRITICAL9.3ten sam produkt

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to...

CVE-2020-15049CRITICAL9.9ten sam produkt

An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Reque...