CVE-2023-49286

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-253
View all →

Vulnerability Description

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related Vulnerabilities

CVE-2024-1622

HIGH
CVSS:7.5(High)

Due to a mistake in error checking, Routinator will terminate when an incoming RTR connection is reset by the peer too quickly after opening.

CWE-2532024

CVE-2024-32475

HIGH
CVSS:7.5(High)

Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters ...

CWE-2532024

CVE-2017-7474

CRITICAL
CVSS:9.8(Critical)

It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or...

CWE-2532017

CVE-2023-4501

CRITICAL
CVSS:9.8(Critical)

User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants ...

CWE-2532023