ALPINE-CVE-2023-46846

ALPINE-CVE-2023-46846 PUBLISHED CVSS 5.300000190734863 MEDIUM

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products

Vendor	Product	Versions
Alpine:v3.19	squid	6.3-r0, 0, 2.7.6-r0
Alpine:v3.23	squid	6.3-r0, 6.2-r1, 6.2-r0
Alpine:v3.20	squid	5.0.7-r1, 2.7.6-r0, 2.7.6-r1
Alpine:v3.22	squid	6.3-r0, 0, 2.7.6-r1
Alpine:v3.21	squid	6.3-r0, 6.2-r1, 6.2-r0

Timeline

Nov 3, 2023 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2023-46846 advisory

Open in Interactive Console →