VDB

ALPINE-CVE-2023-49286

ALPINE-CVE-2023-49286 PUBLISHED CVSS 7.5 HIGH

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.22squid0, 0, 6.4-r0
Alpine:v3.23squid0, 6.4-r0, 6.3-r0
Alpine:v3.19squid0, 2.7.6-r11, 2.7.6-r12
Alpine:v3.24squid0
Alpine:v3.21squid6.4-r0, 6.3-r0, 6.2-r1
Alpine:v3.20squid0, 6.4-r0, 6.3-r0

Timeline

  • Dec 4, 2023 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›