AZL-32074

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-32074.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-32074

Upstream

CVE-2023-49286

Published

2023-12-04T23:15:27Z

Modified

2026-04-01T05:10:50.388877Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2023-49286 affecting package squid 5.7-5

Details

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-49286

Affected packages

Azure Linux:2 / squid

Package

Name: squid
Purl: pkg:rpm/azure-linux/squid

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.7-5

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-32074.json"