VDB
DEBIAN-CVE-2023-5824
DEBIAN-CVE-2023-5824
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | squid | 4.13-10, 4.13-10+deb11u1, 4.13-10+deb11u2 |
| Debian:14 | squid | 0, 0, 0 |
| Debian:13 | squid | 0, 0, 0 |
| Debian:12 | squid | 5.7-2, 5.7-2, 5.7-2 |
Timeline
- Nov 3, 2023 CVE Published
- Apr 28, 2026 CVE Updated