Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-49286 (GCVE-0-2023-49286)
Vulnerability from cvelistv5 – Published: 2023-12-04 22:53 – Updated: 2025-02-13 17:18
VLAI
EPSS
Title
Denial of Service in Helper Process management
Summary
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
8.6 (High)
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| squid-cache | squid |
Affected:
< 6.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:53:45.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
},
{
"name": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264"
},
{
"name": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "squid",
"vendor": "squid-cache",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617: Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-253",
"description": "CWE-253: Incorrect Check of Function Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-19T16:06:22.401Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
},
{
"name": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264"
},
{
"name": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch",
"tags": [
"x_refsource_MISC"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/"
}
],
"source": {
"advisory": "GHSA-xggx-9329-3c27",
"discovery": "UNKNOWN"
},
"title": "Denial of Service in Helper Process management"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49286",
"datePublished": "2023-12-04T22:53:44.827Z",
"dateReserved": "2023-11-24T16:45:24.312Z",
"dateUpdated": "2025-02-13T17:18:38.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-49286",
"date": "2026-05-26",
"epss": "0.01726",
"percentile": "0.82672"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.4\", \"matchCriteriaId\": \"64A6EFAB-804C-4B6B-B609-2F5A797EACB0\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Squid es un proxy de almacenamiento en cach\\u00e9 para la Web que admite HTTP, HTTPS, FTP y m\\u00e1s. Debido a un error de verificaci\\u00f3n incorrecta del valor de retorno de la funci\\u00f3n, Squid es vulnerable a un ataque de denegaci\\u00f3n de servicio contra su gesti\\u00f3n de procesos auxiliares. Este error se solucion\\u00f3 con la versi\\u00f3n 6.5 de Squid. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.\"}]",
"id": "CVE-2023-49286",
"lastModified": "2024-11-21T08:33:11.347",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-12-04T23:15:27.243",
"references": "[{\"url\": \"http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240119-0004/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240119-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-253\"}, {\"lang\": \"en\", \"value\": \"CWE-617\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-617\"}, {\"lang\": \"en\", \"value\": \"CWE-754\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-49286\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-12-04T23:15:27.243\",\"lastModified\":\"2024-11-21T08:33:11.347\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Squid es un proxy de almacenamiento en cach\u00e9 para la Web que admite HTTP, HTTPS, FTP y m\u00e1s. Debido a un error de verificaci\u00f3n incorrecta del valor de retorno de la funci\u00f3n, Squid es vulnerable a un ataque de denegaci\u00f3n de servicio contra su gesti\u00f3n de procesos auxiliares. Este error se solucion\u00f3 con la versi\u00f3n 6.5 de Squid. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-253\"},{\"lang\":\"en\",\"value\":\"CWE-617\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"},{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.4\",\"matchCriteriaId\":\"64A6EFAB-804C-4B6B-B609-2F5A797EACB0\"}]}]}],\"references\":[{\"url\":\"http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240119-0004/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240119-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2023-AVI-0993
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Squid. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Squid versions ant\u00e9rieures \u00e0 6.5",
"product": {
"name": "Squid",
"vendor": {
"name": "Squid",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49286"
},
{
"name": "CVE-2023-49285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49285"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49285 du 02 d\u00e9cembre 2023",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49286 du 02 d\u00e9cembre 2023",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
}
],
"reference": "CERTFR-2023-AVI-0993",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Squid. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Squid",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49286 du 02 d\u00e9cembre 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Squid GHSA-rj5h-46j6-q2g5 du 02 d\u00e9cembre 2023",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-rj5h-46j6-q2g5"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49285 du 02 d\u00e9cembre 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0993
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Squid. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Squid versions ant\u00e9rieures \u00e0 6.5",
"product": {
"name": "Squid",
"vendor": {
"name": "Squid",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49286"
},
{
"name": "CVE-2023-49285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49285"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49285 du 02 d\u00e9cembre 2023",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49286 du 02 d\u00e9cembre 2023",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
}
],
"reference": "CERTFR-2023-AVI-0993",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Squid. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Squid",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49286 du 02 d\u00e9cembre 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Squid GHSA-rj5h-46j6-q2g5 du 02 d\u00e9cembre 2023",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-rj5h-46j6-q2g5"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Squid CVE-2023-49285 du 02 d\u00e9cembre 2023",
"url": null
}
]
}
alsa-2024:0046
Vulnerability from osv_almalinux
Published
2024-01-03 00:00
Modified
2024-01-08 14:59
Summary
Important: squid:4 security update
Details
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Security Fix(es):
- squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
- squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
- squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
- squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libecap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1-2.module_el8.6.0+2741+01592ae8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libecap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1-2.module_el8.6.0+3048+383bc947"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libecap-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1-2.module_el8.6.0+2741+01592ae8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libecap-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1-2.module_el8.6.0+3048+383bc947"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "squid"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7:4.15-7.module_el8.9.0+3708+6acaac63.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)\n* squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)\n* squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)\n* squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:0046",
"modified": "2024-01-08T14:59:53Z",
"published": "2024-01-03T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:0046"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-46724"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-46728"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-49285"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-49286"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2247567"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2248521"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2252923"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2252926"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-0046.html"
}
],
"related": [
"CVE-2023-46724",
"CVE-2023-46728",
"CVE-2023-49285",
"CVE-2023-49286"
],
"summary": "Important: squid:4 security update"
}
alsa-2024:0071
Vulnerability from osv_almalinux
Published
2024-01-08 00:00
Modified
2024-01-08 13:54
Summary
Important: squid security update
Details
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Security Fix(es):
- squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
- squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
- squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
- squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "squid"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7:5.5-6.el9_3.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)\n* squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)\n* squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)\n* squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:0071",
"modified": "2024-01-08T13:54:39Z",
"published": "2024-01-08T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:0071"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-46724"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-46728"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-49285"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-49286"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2247567"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2248521"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2252923"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2252926"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2024-0071.html"
}
],
"related": [
"CVE-2023-46724",
"CVE-2023-46728",
"CVE-2023-49285",
"CVE-2023-49286"
],
"summary": "Important: squid security update"
}
BDU:2023-08580
Vulnerability from fstec - Published: 24.11.2023
VLAI
Title
Уязвимость прокси-сервера Squid, связанная с недостаточной проверкой исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость прокси-сервера Squid связана с недостаточной проверкой исключительных состояний. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании
Severity
Vendor
Novell Inc., Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», АО «ИВК», АО «НТЦ ИТ РОСА», Squid Software Foundation
Software Name
SUSE Linux Enterprise Server for SAP Applications, SUSE OpenStack Cloud, Suse Linux Enterprise Server, SUSE Linux Enterprise Module for Server Applications, SUSE OpenStack Cloud Crowbar, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Server for Raspberry Pi, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Astra Linux Special Edition (запись в едином реестре российских программ №369), Альт 8 СП (запись в едином реестре российских программ №4305), SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Storage, РОСА Кобальт (запись в едином реестре российских программ №1999), Astra Linux Common Edition (запись в едином реестре российских программ №4433), Squid, SUSE Linux Enterprise Module for SAP Applications
Software Version
12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 7 (SUSE OpenStack Cloud), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP3 LTSS (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 12 SP2-ESPOS (Suse Linux Enterprise Server), 15 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-LTSS (Suse Linux Enterprise Server), 15 SP1 (SUSE Linux Enterprise Module for Server Applications), 8 (SUSE OpenStack Cloud), 12 SP3-BCL (Suse Linux Enterprise Server), 8 (SUSE OpenStack Cloud Crowbar), 10 (Debian GNU/Linux), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP2 (Suse Linux Enterprise Server), 9 (SUSE OpenStack Cloud), 9 (SUSE OpenStack Cloud Crowbar), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Module for Server Applications), 11 SP3 (Suse Linux Enterprise Server), 12 SP2 (SUSE Linux Enterprise Server for Raspberry Pi), 12 SP4 LTSS (Suse Linux Enterprise Server), 12 SP4-ESPOS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 15 SP3 (SUSE Linux Enterprise Module for Server Applications), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 15 SP2 (Suse Linux Enterprise Server), 4.1 (SUSE Manager Server), 4.1 (SUSE Manager Proxy), 15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.1 (SUSE Manager Retail Branch Server), - (Альт 8 СП), 15 SP2 (SUSE Linux Enterprise High Performance Computing), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 4.2 (SUSE Manager Retail Branch Server), 15 SP2 (SUSE Linux Enterprise Real Time), 15 (SUSE Linux Enterprise High Performance Computing), 15 SP1 (SUSE Linux Enterprise High Performance Computing), 7 (SUSE Linux Enterprise Storage), 4.7 (Astra Linux Special Edition), 6 (SUSE Linux Enterprise Storage), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3 (SUSE Linux Enterprise Real Time), 7.9 (РОСА Кобальт), 15 SP3-BCL (Suse Linux Enterprise Server), 1.6 «Смоленск» (Astra Linux Common Edition), до 6.5 (Squid), 15 (SUSE Linux Enterprise Module for SAP Applications)
Possible Mitigations
Использование рекомендаций:
Для Squid:
http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch
https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264
https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2023-49286
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2023-49286.html
Для ОС Astra Linux:
обновить пакет squid до 5.7-2+deb12u1+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для Astra Linux Special Edition 4.7 для архитектуры ARM:
обновить пакет squid до 5.7-2+deb12u1+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479
Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479
Для ОС Astra Linux:
обновить пакет squid3 до 3.5.23-5+deb9u11+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16
Reference
http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch
https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264
https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27
https://security-tracker.debian.org/tracker/CVE-2023-49286
https://www.suse.com/security/cve/CVE-2023-49286.html
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
https://altsp.su/obnovleniya-bezopasnosti/
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
https://abf.rosa.ru/advisories/ROSA-SA-2024-2479
https://abf.rosa.ru/advisories/ROSA-SA-2024-2479
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16
CWE
CWE-253, CWE-617, CWE-754
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, Squid Software Foundation",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 7 (SUSE OpenStack Cloud), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP3 LTSS (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 12 SP2-ESPOS (Suse Linux Enterprise Server), 15 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-LTSS (Suse Linux Enterprise Server), 15 SP1 (SUSE Linux Enterprise Module for Server Applications), 8 (SUSE OpenStack Cloud), 12 SP3-BCL (Suse Linux Enterprise Server), 8 (SUSE OpenStack Cloud Crowbar), 10 (Debian GNU/Linux), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP2 (Suse Linux Enterprise Server), 9 (SUSE OpenStack Cloud), 9 (SUSE OpenStack Cloud Crowbar), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Module for Server Applications), 11 SP3 (Suse Linux Enterprise Server), 12 SP2 (SUSE Linux Enterprise Server for Raspberry Pi), 12 SP4 LTSS (Suse Linux Enterprise Server), 12 SP4-ESPOS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 15 SP3 (SUSE Linux Enterprise Module for Server Applications), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 15 SP2 (Suse Linux Enterprise Server), 4.1 (SUSE Manager Server), 4.1 (SUSE Manager Proxy), 15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.1 (SUSE Manager Retail Branch Server), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 15 SP2 (SUSE Linux Enterprise High Performance Computing), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 4.2 (SUSE Manager Retail Branch Server), 15 SP2 (SUSE Linux Enterprise Real Time), 15 (SUSE Linux Enterprise High Performance Computing), 15 SP1 (SUSE Linux Enterprise High Performance Computing), 7 (SUSE Linux Enterprise Storage), 4.7 (Astra Linux Special Edition), 6 (SUSE Linux Enterprise Storage), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3 (SUSE Linux Enterprise Real Time), 7.9 (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442), 15 SP3-BCL (Suse Linux Enterprise Server), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition), \u0434\u043e 6.5 (Squid), 15 (SUSE Linux Enterprise Module for SAP Applications)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Squid:\nhttp://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\nhttps://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-49286\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2023-49286.html\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 squid \u0434\u043e 5.7-2+deb12u1+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 squid \u0434\u043e 5.7-2+deb12u1+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 squid3 \u0434\u043e 3.5.23-5+deb9u11+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "24.11.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.01.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.12.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-08580",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-49286",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise Server for SAP Applications, SUSE OpenStack Cloud, Suse Linux Enterprise Server, SUSE Linux Enterprise Module for Server Applications, SUSE OpenStack Cloud Crowbar, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Server for Raspberry Pi, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Storage, \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Squid, SUSE Linux Enterprise Module for SAP Applications",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4 , Novell Inc. Suse Linux Enterprise Server 11 SP3 LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL , Novell Inc. Suse Linux Enterprise Server 12 SP2-ESPOS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 , Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS , Novell Inc. Suse Linux Enterprise Server 12 SP2 , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Novell Inc. Suse Linux Enterprise Server 11 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4 LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. Suse Linux Enterprise Server 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP2 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Novell Inc. Suse Linux Enterprise Server 15 , Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL , Novell Inc. SUSE Linux Enterprise Real Time 15 SP2 , Novell Inc. SUSE Linux Enterprise Storage 7 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. SUSE Linux Enterprise Storage 6 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP3 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 7.9 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Squid, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u043c\u043e\u0433\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 (CWE-253), \u0414\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f assert() (CWE-617), \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u0438\u043b\u0438 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439 (CWE-754)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Squid \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u043e\u043a\u0430\u043c\u0438 \u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\nhttps://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\nhttps://security-tracker.debian.org/tracker/CVE-2023-49286\nhttps://www.suse.com/security/cve/CVE-2023-49286.html\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2479\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2479\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-253, CWE-617, CWE-754",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}
FKIE_CVE-2023-49286
Vulnerability from fkie_nvd - Published: 2023-12-04 23:15 - Updated: 2024-11-21 08:33
Severity
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch | Broken Link | |
| security-advisories@github.com | https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264 | Patch | |
| security-advisories@github.com | https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27 | Vendor Advisory | |
| security-advisories@github.com | https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html | ||
| security-advisories@github.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/ | ||
| security-advisories@github.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/ | ||
| security-advisories@github.com | https://security.netapp.com/advisory/ntap-20240119-0004/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240119-0004/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| squid-cache | squid | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64A6EFAB-804C-4B6B-B609-2F5A797EACB0",
"versionEndIncluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "Squid es un proxy de almacenamiento en cach\u00e9 para la Web que admite HTTP, HTTPS, FTP y m\u00e1s. Debido a un error de verificaci\u00f3n incorrecta del valor de retorno de la funci\u00f3n, Squid es vulnerable a un ataque de denegaci\u00f3n de servicio contra su gesti\u00f3n de procesos auxiliares. Este error se solucion\u00f3 con la versi\u00f3n 6.5 de Squid. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"id": "CVE-2023-49286",
"lastModified": "2024-11-21T08:33:11.347",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-04T23:15:27.243",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"
},
{
"source": "security-advisories@github.com",
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-253"
},
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-617"
},
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2023-49286
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-49286",
"id": "GSD-2023-49286"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-49286"
],
"details": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"id": "GSD-2023-49286",
"modified": "2023-12-13T01:20:35.044672Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2023-49286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "squid",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003c 6.5"
}
]
}
}
]
},
"vendor_name": "squid-cache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-617",
"lang": "eng",
"value": "CWE-617: Reachable Assertion"
}
]
},
{
"description": [
{
"cweId": "CWE-253",
"lang": "eng",
"value": "CWE-253: Incorrect Check of Function Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27",
"refsource": "MISC",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
},
{
"name": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264",
"refsource": "MISC",
"url": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264"
},
{
"name": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch",
"refsource": "MISC",
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20240119-0004/",
"refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/"
}
]
},
"source": {
"advisory": "GHSA-xggx-9329-3c27",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64A6EFAB-804C-4B6B-B609-2F5A797EACB0",
"versionEndIncluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "Squid es un proxy de almacenamiento en cach\u00e9 para la Web que admite HTTP, HTTPS, FTP y m\u00e1s. Debido a un error de verificaci\u00f3n incorrecta del valor de retorno de la funci\u00f3n, Squid es vulnerable a un ataque de denegaci\u00f3n de servicio contra su gesti\u00f3n de procesos auxiliares. Este error se solucion\u00f3 con la versi\u00f3n 6.5 de Squid. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"id": "CVE-2023-49286",
"lastModified": "2024-01-19T16:15:09.793",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2023-12-04T23:15:27.243",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/"
},
{
"source": "security-advisories@github.com",
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
},
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-253"
},
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
}
}
}
OPENSUSE-SU-2024:13631-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
squid-6.6-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: squid-6.6-2.1 on GA media
Description of the patch: These are all security issues fixed in the squid-6.6-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13631
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:squid-6.6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
17 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-49285/ | self |
| https://www.suse.com/security/cve/CVE-2023-49286/ | self |
| https://www.suse.com/security/cve/CVE-2023-49288/ | self |
| https://www.suse.com/security/cve/CVE-2023-50269/ | self |
| https://www.suse.com/security/cve/CVE-2024-23638/ | self |
| https://www.suse.com/security/cve/CVE-2023-49285 | external |
| https://bugzilla.suse.com/1217813 | external |
| https://www.suse.com/security/cve/CVE-2023-49286 | external |
| https://bugzilla.suse.com/1217815 | external |
| https://www.suse.com/security/cve/CVE-2023-49288 | external |
| https://bugzilla.suse.com/1217825 | external |
| https://www.suse.com/security/cve/CVE-2023-50269 | external |
| https://bugzilla.suse.com/1217654 | external |
| https://www.suse.com/security/cve/CVE-2024-23638 | external |
| https://bugzilla.suse.com/1219131 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "squid-6.6-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the squid-6.6-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13631",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13631-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-49285 page",
"url": "https://www.suse.com/security/cve/CVE-2023-49285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-49286 page",
"url": "https://www.suse.com/security/cve/CVE-2023-49286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-49288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-49288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-50269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-50269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23638/"
}
],
"title": "squid-6.6-2.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13631-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "squid-6.6-2.1.aarch64",
"product": {
"name": "squid-6.6-2.1.aarch64",
"product_id": "squid-6.6-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "squid-6.6-2.1.ppc64le",
"product": {
"name": "squid-6.6-2.1.ppc64le",
"product_id": "squid-6.6-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "squid-6.6-2.1.s390x",
"product": {
"name": "squid-6.6-2.1.s390x",
"product_id": "squid-6.6-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "squid-6.6-2.1.x86_64",
"product": {
"name": "squid-6.6-2.1.x86_64",
"product_id": "squid-6.6-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-6.6-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:squid-6.6-2.1.aarch64"
},
"product_reference": "squid-6.6-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-6.6-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:squid-6.6-2.1.ppc64le"
},
"product_reference": "squid-6.6-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-6.6-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:squid-6.6-2.1.s390x"
},
"product_reference": "squid-6.6-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-6.6-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
},
"product_reference": "squid-6.6-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-49285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-49285"
}
],
"notes": [
{
"category": "general",
"text": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-49285",
"url": "https://www.suse.com/security/cve/CVE-2023-49285"
},
{
"category": "external",
"summary": "SUSE Bug 1217813 for CVE-2023-49285",
"url": "https://bugzilla.suse.com/1217813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-49285"
},
{
"cve": "CVE-2023-49286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-49286"
}
],
"notes": [
{
"category": "general",
"text": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-49286",
"url": "https://www.suse.com/security/cve/CVE-2023-49286"
},
{
"category": "external",
"summary": "SUSE Bug 1217815 for CVE-2023-49286",
"url": "https://bugzilla.suse.com/1217815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-49286"
},
{
"cve": "CVE-2023-49288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-49288"
}
],
"notes": [
{
"category": "general",
"text": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with \"collapsed_forwarding on\" are vulnerable. Configurations with \"collapsed_forwarding off\" or without a \"collapsed_forwarding\" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-49288",
"url": "https://www.suse.com/security/cve/CVE-2023-49288"
},
{
"category": "external",
"summary": "SUSE Bug 1217825 for CVE-2023-49288",
"url": "https://bugzilla.suse.com/1217825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-49288"
},
{
"cve": "CVE-2023-50269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-50269"
}
],
"notes": [
{
"category": "general",
"text": "Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid\u0027s patch archives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-50269",
"url": "https://www.suse.com/security/cve/CVE-2023-50269"
},
{
"category": "external",
"summary": "SUSE Bug 1217654 for CVE-2023-50269",
"url": "https://bugzilla.suse.com/1217654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-50269"
},
{
"cve": "CVE-2024-23638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23638"
}
],
"notes": [
{
"category": "general",
"text": "Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client Manager reports. Squid older than 5.0.5 have not been tested and should be assumed to be vulnerable. All Squid-5.x up to and including 5.9 are vulnerable. All Squid-6.x up to and including 6.5 are vulnerable. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid\u0027s patch archives. As a workaround, prevent access to Cache Manager using Squid\u0027s main access control: `http_access deny manager`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23638",
"url": "https://www.suse.com/security/cve/CVE-2024-23638"
},
{
"category": "external",
"summary": "SUSE Bug 1219131 for CVE-2024-23638",
"url": "https://bugzilla.suse.com/1219131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:squid-6.6-2.1.aarch64",
"openSUSE Tumbleweed:squid-6.6-2.1.ppc64le",
"openSUSE Tumbleweed:squid-6.6-2.1.s390x",
"openSUSE Tumbleweed:squid-6.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-23638"
}
]
}
RHSA-2024:0046
Vulnerability from csaf_redhat - Published: 2024-01-03 21:13 - Updated: 2026-03-18 02:30Summary
Red Hat Security Advisory: squid:4 security update
Severity
Important
Notes
Topic: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Security Fix(es):
* squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
* squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
* squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
* squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using `--with-openssl` is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump.
7.5 (High)
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid. This issue may lead to a remote denial of service via gopher URL requests.
7.5 (High)
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service.
7.5 (High)
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Squid due to an incorrect check of the return value in the helper process management. This issue may allow attackers to perform remote denial of service.
7.5 (High)
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
29 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:0046 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2247567 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2248521 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2252923 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2252926 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2023-46724 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2247567 | external |
| https://www.cve.org/CVERecord?id=CVE-2023-46724 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-46724 | external |
| http://www.squid-cache.org/Versions/v5/SQUID-2023… | external |
| http://www.squid-cache.org/Versions/v6/SQUID-2023… | external |
| https://github.com/squid-cache/squid/commit/b70f8… | external |
| https://github.com/squid-cache/squid/security/adv… | external |
| https://access.redhat.com/security/cve/CVE-2023-46728 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2248521 | external |
| https://www.cve.org/CVERecord?id=CVE-2023-46728 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-46728 | external |
| https://github.com/squid-cache/squid/security/adv… | external |
| https://megamansec.github.io/Squid-Security-Audit… | external |
| https://access.redhat.com/security/cve/CVE-2023-49285 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2252926 | external |
| https://www.cve.org/CVERecord?id=CVE-2023-49285 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-49285 | external |
| https://access.redhat.com/security/cve/CVE-2023-49286 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2252923 | external |
| https://www.cve.org/CVERecord?id=CVE-2023-49286 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-49286 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)\n\n* squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)\n\n* squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)\n\n* squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0046",
"url": "https://access.redhat.com/errata/RHSA-2024:0046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2247567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247567"
},
{
"category": "external",
"summary": "2248521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248521"
},
{
"category": "external",
"summary": "2252923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252923"
},
{
"category": "external",
"summary": "2252926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252926"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0046.json"
}
],
"title": "Red Hat Security Advisory: squid:4 security update",
"tracking": {
"current_release_date": "2026-03-18T02:30:38+00:00",
"generator": {
"date": "2026-03-18T02:30:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:0046",
"initial_release_date": "2024-01-03T21:13:13+00:00",
"revision_history": [
{
"date": "2024-01-03T21:13:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-03T21:13:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:30:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"product": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src (squid:4)",
"product_id": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=src\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"product": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src (squid:4)",
"product_id": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=src\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4)",
"product_id": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=aarch64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4)",
"product_id": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debuginfo@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=aarch64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4)",
"product_id": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debugsource@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=aarch64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4)",
"product_id": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-devel@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=aarch64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"product": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64 (squid:4)",
"product_id": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=aarch64\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"product": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64 (squid:4)",
"product_id": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debuginfo@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=aarch64\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"product": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64 (squid:4)",
"product_id": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debugsource@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=aarch64\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4)",
"product_id": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=ppc64le\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4)",
"product_id": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debuginfo@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=ppc64le\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4)",
"product_id": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debugsource@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=ppc64le\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4)",
"product_id": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-devel@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=ppc64le\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"product": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le (squid:4)",
"product_id": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=ppc64le\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"product": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le (squid:4)",
"product_id": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debuginfo@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=ppc64le\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"product": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le (squid:4)",
"product_id": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debugsource@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=ppc64le\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4)",
"product_id": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=s390x\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4)",
"product_id": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debuginfo@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=s390x\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4)",
"product_id": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debugsource@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=s390x\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4)",
"product_id": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-devel@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=s390x\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"product": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x (squid:4)",
"product_id": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=s390x\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"product": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x (squid:4)",
"product_id": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debuginfo@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=s390x\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"product": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x (squid:4)",
"product_id": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debugsource@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=s390x\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4)",
"product_id": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=x86_64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4)",
"product_id": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debuginfo@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=x86_64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4)",
"product_id": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-debugsource@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=x86_64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4)",
"product_id": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libecap-devel@1.0.1-2.module%2Bel8.9.0%2B19703%2Ba1da7223?arch=x86_64\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"product": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64 (squid:4)",
"product_id": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=x86_64\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"product": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64 (squid:4)",
"product_id": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debuginfo@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=x86_64\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
},
{
"category": "product_version",
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"product": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64 (squid:4)",
"product_id": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/squid-debugsource@4.15-7.module%2Bel8.9.0%2B20975%2B25f17541.5?arch=x86_64\u0026epoch=7\u0026rpmmod=squid:4:8090020231207155957:a75119d5"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4"
},
"product_reference": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4"
},
"product_reference": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4"
},
"product_reference": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4"
},
"product_reference": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4"
},
"product_reference": "libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4"
},
"product_reference": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4"
},
"product_reference": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4"
},
"product_reference": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4"
},
"product_reference": "libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4"
},
"product_reference": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4"
},
"product_reference": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4"
},
"product_reference": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4"
},
"product_reference": "libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4"
},
"product_reference": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4"
},
"product_reference": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4"
},
"product_reference": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4"
},
"product_reference": "libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4"
},
"product_reference": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4"
},
"product_reference": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4"
},
"product_reference": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4"
},
"product_reference": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
},
"product_reference": "squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4"
},
"product_reference": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4"
},
"product_reference": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4"
},
"product_reference": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
},
"product_reference": "squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4"
},
"product_reference": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4"
},
"product_reference": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4"
},
"product_reference": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64 (squid:4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
},
"product_reference": "squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-46724",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"discovery_date": "2023-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247567"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using `--with-openssl` is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "squid: Denial of Service in SSL Certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-46724"
},
{
"category": "external",
"summary": "RHBZ#2247567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247567"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-46724",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46724"
},
{
"category": "external",
"summary": "http://www.squid-cache.org/Versions/v5/SQUID-2023_4.patch",
"url": "http://www.squid-cache.org/Versions/v5/SQUID-2023_4.patch"
},
{
"category": "external",
"summary": "http://www.squid-cache.org/Versions/v6/SQUID-2023_4.patch",
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_4.patch"
},
{
"category": "external",
"summary": "https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810",
"url": "https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810"
},
{
"category": "external",
"summary": "https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3"
}
],
"release_date": "2023-11-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-03T21:13:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the squid service will be restarted automatically.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0046"
},
{
"category": "workaround",
"details": "Disable the use of SSL-Bump features:\n- Remove all ssl-bump options from http_port and https_port\n- Remove all ssl_bump directives from squid.conf",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "squid: Denial of Service in SSL Certificate validation"
},
{
"cve": "CVE-2023-46728",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248521"
}
],
"notes": [
{
"category": "description",
"text": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid\u0027s Gopher gateway. The gopher protocol is always available and enabled in Squid. This issue may lead to a remote denial of service via gopher URL requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "squid: NULL pointer dereference in the gopher protocol code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-46728"
},
{
"category": "external",
"summary": "RHBZ#2248521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-46728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46728"
},
{
"category": "external",
"summary": "https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f",
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f"
},
{
"category": "external",
"summary": "https://megamansec.github.io/Squid-Security-Audit/gopher-nullpointer.html",
"url": "https://megamansec.github.io/Squid-Security-Audit/gopher-nullpointer.html"
}
],
"release_date": "2023-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-03T21:13:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the squid service will be restarted automatically.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0046"
},
{
"category": "workaround",
"details": "To mitigate this issue, create an access list configuration to reject all gopher URL requests:\n\nSet ACL directives in your squid.conf file (or equivalent) as follows:\nacl gopher proto gopher\nhttp_access deny gopher\n\nImportant: This sequence must be placed above any lines starting with \"http_access allow\" in your configuration.\nObservation: Some loss of performance may occur with this configuration.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "squid: NULL pointer dereference in the gopher protocol code"
},
{
"cve": "CVE-2023-49285",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"discovery_date": "2023-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2252926"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in Squid\u0027s HTTP Message processing feature. This issue may allow attackers to perform remote denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "squid: Buffer over-read in the HTTP Message processing feature",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The only security impact of this vulnerability is a remote denial of service. For this reason, this flaw was rated with an important, and not critical, severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49285"
},
{
"category": "external",
"summary": "RHBZ#2252926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49285"
}
],
"release_date": "2023-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-03T21:13:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the squid service will be restarted automatically.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0046"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "squid: Buffer over-read in the HTTP Message processing feature"
},
{
"cve": "CVE-2023-49286",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2023-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2252923"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Squid due to an incorrect check of the return value in the helper process management. This issue may allow attackers to perform remote denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "squid: Incorrect Check of Function Return Value In Helper Process management",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The only security impact of this vulnerability is a remote denial of service. For this reason, this flaw was rated with an important, and not critical, severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49286"
},
{
"category": "external",
"summary": "RHBZ#2252923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49286"
}
],
"release_date": "2023-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-03T21:13:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the squid service will be restarted automatically.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0046"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.src::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debuginfo-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-debugsource-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:libecap-devel-0:1.0.1-2.module+el8.9.0+19703+a1da7223.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.src::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debuginfo-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.aarch64::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.ppc64le::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.s390x::squid:4",
"AppStream-8.9.0.Z.MAIN:squid-debugsource-7:4.15-7.module+el8.9.0+20975+25f17541.5.x86_64::squid:4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "squid: Incorrect Check of Function Return Value In Helper Process management"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…