CVE-2023-49286

Updated: 2024-11-24 04:20:37.200211

Description:

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU squid 5.5 7.5 HIGH In Progress 2024-11-28 11:52:06
CentOS 6 ELS squid 3.1.23 7.5 HIGH Released CLSA-2023:1703183411 2024-01-05 08:38:10
CentOS 6 ELS squid34 3.4.14 7.5 HIGH Released CLSA-2023:1703183242 2024-01-05 08:38:12
CentOS 8.4 ELS squid 4.11-4 7.5 HIGH Released CLSA-2023:1703181485 2023-12-21 13:08:42
CentOS 8.5 ELS squid 4.15-1 7.5 HIGH Released CLSA-2023:1703182573 2023-12-21 16:09:12
CloudLinux 6 ELS squid34 3.4.14 7.5 HIGH Released CLSA-2023:1703183740 2024-01-05 08:38:12
CloudLinux 6 ELS squid 3.1.23 7.5 HIGH Released CLSA-2023:1703183829 2024-01-05 08:38:09
Oracle Linux 6 ELS squid34 3.4.14 7.5 HIGH Released CLSA-2023:1703184036 2023-12-21 16:09:21
Oracle Linux 6 ELS squid 3.1.23 7.5 HIGH Released CLSA-2023:1703184171 2023-12-21 16:09:10
Ubuntu 16.04 ELS squid 3.5.12-1 7.5 HIGH Released CLSA-2023:1703184270 2023-12-21 16:09:13
Total: 11