Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-49288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a...

8.6CVSS7.5AI score0.04777EPSS
Exploits0References3
OSV
OSV
added 2025/03/03 8:33 p.m.7 views

CLSA-2025-1741034026 squid: Fix of CVE-2023-49288

CVE-2023-49288: fix Denial of Service in HTTP Collapsed Forwarding...

8.6CVSS7.1AI score0.04777EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 6:21 a.m.6 views

CLSA-2024-1716272474 Fix CVE(s): CVE-2023-49288

SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintentional freeing in TRACE request handler - CVE-2023-49288...

8.6CVSS7.1AI score0.04777EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/24 12:0 a.m.47 views

Ubuntu 20.04 LTS : Squid vulnerability (USN-6728-3)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6728-3 advisory. USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled i...

8.6CVSS7.2AI score0.05229EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/04/24 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6728-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.5AI score0.88864EPSS
Exploits1References3
OSV
OSV
added 2024/04/23 11:20 a.m.3 views

USN-6728-3 squid vulnerability

USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience...

8.6CVSS6.9AI score0.05229EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2024/04/23 11:20 a.m.72 views

USN-6728-3: Squid vulnerability

USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience...

8.6CVSS6.5AI score0.05229EPSS
Exploits0References1
OSV
OSV
added 2024/04/12 8:45 p.m.7 views

MGASA-2024-0126 Updated squid packages fix security vulnerabilities

Affected versions of squid are subject to a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsedforwarding on" are vulnerable. Configurations with "collapsedforwarding off" or...

8.6CVSS7AI score0.05229EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/04/12 12:0 a.m.47 views

Ubuntu: Security Advisory (USN-6728-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.5AI score0.88864EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/04/11 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-6728-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.5AI score0.88864EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2024/04/10 4:38 p.m.71 views

USN-6728-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-49288 Joshua Rogers discovered that Squ...

8.6CVSS6.8AI score0.88864EPSS
Exploits1
Amazon
Amazon
added 2024/04/02 12:0 a.m.5 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...

8.6CVSS7.3AI score0.88818EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2023/12/05 11:20 a.m.46 views

CVE-2023-49288

A flaw was found in Squid. The use of the HTTP Collapsed Forwarding configuration may allow an attacker to perform a denial of service remotely. Mitigation To mitigate this issue, lines for the 'collapsedforwarding' feature have to be removed from your squid.conf...

7.5CVSS7.5AI score0.04777EPSS
Exploits0References3
NVD
NVD
added 2023/12/04 11:15 p.m.23 views

CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

8.6CVSS0.04777EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/12/04 10:49 p.m.28 views

CVE-2023-49288 Denial of Service in HTTP Collapsed Forwarding in Squid

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

8.6CVSS7AI score0.04777EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/12/04 10:49 p.m.30 views

CVE-2023-49288

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with...

8.6CVSS7.7AI score0.04777EPSS
Exploits0
Rows per page
Query Builder