DEBIAN-CVE-2023-49286

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2023-49286
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-49286.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-49286
Upstream
Published
2023-12-04T23:15:27Z
Modified
2025-09-19T07:33:30.723246Z
Summary
[none]
Details

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Debian:11 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.13-10+deb11u3

Affected versions

4.*

4.13-10
4.13-10+deb11u1
4.13-10+deb11u2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7-2+deb12u1

Affected versions

5.*

5.7-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.5-1

Ecosystem specific 

{
    "urgency": "low"
}

Debian:14 / squid

Package

Name
squid
Purl
pkg:deb/debian/squid?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.5-1

Ecosystem specific 

{
    "urgency": "low"
}