CVE-2023-49288
published 2023-12-04

Priority: P346
CVSS 3.1: 7.5 (high), vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 4.78% (90.8th percentile)
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of Squid are subject to a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsed_forwarding on" are vulnerable. Configurations with "collapsed_forwarding off" or without a "collapsed_forwarding" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.

Affected

9 ranges

Vendor       | Product | Version range              | Fixed in
-------------|---------|----------------------------|--------------------
debian       | squid   | < squid 6.1-1 (forky)      | squid 6.1-1 (forky)
squid-cache  | squid   |                            |
squid-cache  | squid   | 3.5 – 5.9                  |
squid        | squid   | >= 0 < 6.1-1               | 6.1-1
squid        | squid   | >= 0 < 6.1-1               | 6.1-1
squid        | squid   | >= 0 < 4.10-1ubuntu1.11    | 4.10-1ubuntu1.11
squid        | squid   | >= 0 < 4.10-1ubuntu1.12    | 4.10-1ubuntu1.12
squid        | squid   | >= 0 < 4.10-1ubuntu1.10    | 4.10-1ubuntu1.10
squid        | squid   | >= 0 < 5.7-0ubuntu0.22.04.4 | 5.7-0ubuntu0.22.04.4

CVSS provenance

Source        | CVSS version | Score | Severity | Vector
--------------|--------------|-------|----------|----------------------------------------------
nvd           | v3.1         | 7.5   | HIGH     | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv           |              | 7.5   | HIGH     |
vendor_debian |              | 8.6   | HIGH     |
vendor_redhat |              | 8.6   | HIGH     |
vendor_ubuntu |              | 8.6   | HIGH     |