VDB
ALPINE-CVE-2023-49286
ALPINE-CVE-2023-49286
PUBLISHED
CVSS 7.5 HIGH
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.22 | squid | 0, 0, 6.4-r0 |
| Alpine:v3.23 | squid | 0, 6.4-r0, 6.3-r0 |
| Alpine:v3.19 | squid | 0, 2.7.6-r11, 2.7.6-r12 |
| Alpine:v3.24 | squid | 0 |
| Alpine:v3.21 | squid | 6.4-r0, 6.3-r0, 6.2-r1 |
| Alpine:v3.20 | squid | 0, 6.4-r0, 6.3-r0 |
Timeline
- Dec 4, 2023 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 15, 2026 CVE Updated