Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2023-46848
HistoryNov 03, 2023 - 8:15 a.m.

CVE-2023-46848

2023-11-0308:15:08
Alpine Linux Development Team
security.alpinelinux.org
7
squid
denial of service
ftp
http
vulnerability

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

7.4 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.2%

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

7.4 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.2%