Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2023-5824
HistoryNov 03, 2023 - 8:15 a.m.

CVE-2023-5824

2023-11-0308:15:08
Alpine Linux Development Team
security.alpinelinux.org
10
squid
vulnerability
denial of service
http
https
clients
improper handling
structural elements
bug

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.6%

Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.6%