CVE-2023-49285

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-49285
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-49285.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-49285
Aliases
  • GHSA-8w9r-p88v-mmx9
Downstream
Related
Published
2023-12-04T22:56:55Z
Modified
2025-10-15T02:42:47.984654Z
Severity
  • 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
Denial of Service in HTTP Message Processing in Squid
Details

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Git /

Affected ranges

Database specific

{
    "unresolved_versions": [
        {
            "type": "",
            "events": [
                {
                    "introduced": "2.2"
                },
                {
                    "fixed": "6.5"
                }
            ]
        }
    ]
}