CVE-2023-5824

Name
CVE-2023-5824
Description
Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2245914
MISC https://access.redhat.com/security/cve/CVE-2023-5824
MISC https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255
https://access.redhat.com/errata/RHSA-2023:7465
secalert@redhat.com https://security.netapp.com/advisory/ntap-20231130-0003/
secalert@redhat.com https://access.redhat.com/errata/RHSA-2023:7668
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0072
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0397
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0771
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0772
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0773

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:* squid >= None < 6.4

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
squid 3.18-main 5.9-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
squid 3.17-main 5.7-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
squid 3.15-main 5.2-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
squid 3.16-main 5.5-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable