CVE-2023-49286
published 2023-12-04

Priority: P3 47 high
CVSS 3.1: 7.5
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:N / A:H
EPSS: 10.35% (95.1th percentile)

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected

9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 5.7-2+deb12u1 (bookworm) | squid 5.7-2+deb12u1 (bookworm) |
| squid-cache | squid | < 6.5 | 6.5 |
| squid-cache | squid | <= 6.4 | |
| squid | squid | >= 0 < 4.13-10+deb11u3 | 4.13-10+deb11u3 |
| squid | squid | >= 0 < 5.7-2+deb12u1 | 5.7-2+deb12u1 |
| squid | squid | >= 0 < 6.5-1 | 6.5-1 |
| squid | squid | >= 0 < 6.5-1 | 6.5-1 |
| squid | squid | >= 0 < 4.10-1ubuntu1.9 | 4.10-1ubuntu1.9 |
| squid | squid | >= 0 < 5.7-0ubuntu0.22.04.3 | 5.7-0ubuntu0.22.04.3 |

CVSS provenance

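| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| ghsa | | 9.8 | CRITICAL | |
| osv | | 7.5 | HIGH | |
| vendor_debian | | 8.6 | HIGH | |
| vendor_redhat | | 8.6 | HIGH | |
| vendor_ubuntu | | 8.6 | HIGH | |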