Untriaged
Permalink
CVE-2023-46848
8.6 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Squid: denial of service in ftp
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
References
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://security.netapp.com/advisory/ntap-20231214-0005/
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
- RHBZ#2245919 issue-tracking x_refsource_REDHAT
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
- RHSA-2023:6266 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6268 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6748 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
- https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
Affected products
squid
- *
- <6.4
- ==6.4
squid:4/squid
Matching in nixpkgs
pkgs.squid
Caching proxy for the Web supporting HTTP, HTTPS, FTP, and more
-
nixos-unstable -
- nixpkgs-unstable 7.1
pkgs.prometheus-squid-exporter
Squid Prometheus exporter
-
nixos-unstable -
- nixpkgs-unstable 1.13.0
Package maintainers
-
@srhb Sarah Brofeldt <sbrofeldt@gmail.com>
-
@happysalada Raphael Megzari <raphael@megzari.com>
-
@7c6f434c Michael Raskin <7c6f434c@mail.ru>