Suggestions search

All statuses

Filter by:

With package: python312Packages.flyingsquid

Found 3 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2023-46848

8.6 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Squid: denial of service in ftp

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

References

RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-46848 x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
RHSA-2023:6266 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6268 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6748 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-46848 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245919 issue-tracking x_refsource_REDHAT x_transferred
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w x_transferred
https://security.netapp.com/advisory/ntap-20231214-0005/ x_transferred

Affected products

squid

*
<6.4
==6.4

squid:4/squid

Matching in nixpkgs

pkgs.squid

Caching proxy for the Web supporting HTTP, HTTPS, FTP, and more

nixos-unstable -
- nixpkgs-unstable 7.1

pkgs.prometheus-squid-exporter

Squid Prometheus exporter

nixos-unstable -
- nixpkgs-unstable 1.13.0

pkgs.python312Packages.flyingsquid

More interactive weak supervision with FlyingSquid

nixos-unstable -
- nixpkgs-unstable 0.0.0a0

pkgs.python313Packages.flyingsquid

More interactive weak supervision with FlyingSquid

nixos-unstable -
- nixpkgs-unstable 0.0.0a0

Package maintainers

@srhb Sarah Brofeldt <sbrofeldt@gmail.com>
@happysalada Raphael Megzari <raphael@megzari.com>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>

Untriaged

Permalink CVE-2023-46846

9.3 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): LOW
Availability impact (A): NONE

created 6 months ago

Squid: request/response smuggling in http/1.1 and icap

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.