CVE-2023-46847
CVSS v3.1
7.5 (High)
EPSS
3.02 % (91th)
Affected Products
10
Advisories
24
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
Weaknesses
- CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2023-11-03 08:15:08
(10 months ago) - Updated Date
-
2024-02-16 15:22:41
(7 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...