1. Home
  2. Vulnerabilities
  3. CVE-2023-49286

CVE-2023-49286

CVSS v3.1 7.5 (High)
75% Progress
EPSS 1.94 % (89th)
1.94% Progress
Affected Products 1
Advisories 18
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Weaknesses
CWE-253
Incorrect Check of Function Return Value
CWE-617
Reachable Assertion
CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE Status
PUBLISHED
CNA
GitHub, Inc.
Published Date
2023-12-04 23:15:27
(9 months ago)
Updated Date
2024-01-19 16:15:09
(8 months ago)

Affected Products

Squid-cache

Configuration #1

    CPE23 From Up To
  Squid-cache Squid 6.4 and prior versions cpe:2.3:a:squid-cache:squid <= 6.4