{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T19:52:25.213","vulnerabilities":[{"cve":{"id":"CVE-2023-49285","sourceIdentifier":"security-advisories@github.com","published":"2023-12-04T23:15:27.007","lastModified":"2024-11-21T08:33:11.207","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"Squid es un proxy de almacenamiento en caché para la Web que admite HTTP, HTTPS, FTP y más. Debido a un error de sobrelectura del búfer, Squid es vulnerable a un ataque de denegación de servicio contra el procesamiento de mensajes HTTP de Squid. Este error se solucionó con la versión 6.5 de Squid. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*","versionEndIncluding":"6.4","matchCriteriaId":"64A6EFAB-804C-4B6B-B609-2F5A797EACB0"}]}]}],"references":[{"url":"http://www.squid-cache.org/Versions/v5/SQUID-2023_7.patch","source":"security-advisories@github.com","tags":["Broken Link"]},{"url":"http://www.squid-cache.org/Versions/v6/SQUID-2023_7.patch","source":"security-advisories@github.com","tags":["Broken Link"]},{"url":"https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/squid-cache/squid/commit/deee944f9a12c9fd399ce52f3e2526bb573a9470","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html","source":"security-advisories@github.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","source":"security-advisories@github.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","source":"security-advisories@github.com"},{"url":"https://security.netapp.com/advisory/ntap-20240119-0004/","source":"security-advisories@github.com"},{"url":"http://www.squid-cache.org/Versions/v5/SQUID-2023_7.patch","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.squid-cache.org/Versions/v6/SQUID-2023_7.patch","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/squid-cache/squid/commit/deee944f9a12c9fd399ce52f3e2526bb573a9470","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20240119-0004/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}