{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-22T08:02:50.185","vulnerabilities":[{"cve":{"id":"CVE-2023-46728","sourceIdentifier":"security-advisories@github.com","published":"2023-11-06T18:15:08.637","lastModified":"2026-06-17T06:31:25.867","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests."},{"lang":"es","value":"Squid es un proxy de almacenamiento en caché para la Web que admite HTTP, HTTPS, FTP y más. Debido a un bug de desreferencia de NULL pointer, Squid es vulnerable a un ataque de Denegación de Servicio contra la puerta de enlace Gopher de Squid. El protocolo Gopher siempre está disponible y habilitado en Squid antes de Squid 6.0.1. Es posible recibir respuestas que desencadenen este error desde cualquier servidor Gopher, incluso aquellos sin intenciones maliciosas. La compatibilidad con Gopher se eliminó en la versión 6.0.1 de Squid. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben rechazar todas las solicitudes de URL de Gopher."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"squid-cache","product":"squid","versions":[{"version":"< 6.0.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-27T16:14:28.614073Z","id":"CVE-2023-46728","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.1","matchCriteriaId":"4205423B-C18E-4565-867C-BF885D21DF03"}]}]}],"references":[{"url":"https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","source":"security-advisories@github.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","source":"security-advisories@github.com"},{"url":"https://security.netapp.com/advisory/ntap-20231214-0006/","source":"security-advisories@github.com"},{"url":"https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00027.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20231214-0006/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}