8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
8.2 High
AI Score
Confidence
High
0.03 Low
EPSS
Percentile
91.0%
USN-6500-1 fixed several vulnerabilities in Squid. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Joshua Rogers discovered that Squid incorrectly handled the Gopher
protocol. A remote attacker could possibly use this issue to cause Squid to
crash, resulting in a denial of service. Gopher support has been disabled
in this update. (CVE-2023-46728)
Joshua Rogers discovered that Squid incorrectly handled HTTP Digest
Authentication. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-46847)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 18.04 | noarch | squid | < 3.5.27-1ubuntu1.14+esm1 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid-cgi | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid-common | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid-dbg | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid-purge | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid3 | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squidclient | < 3.5.27-1ubuntu1.14 | UNKNOWN |
Ubuntu | 18.04 | noarch | squid3 | < 3.5.27-1ubuntu1.14+esm1 | UNKNOWN |
Ubuntu | 16.04 | noarch | squid | < 3.5.12-1ubuntu7.16+esm2 | UNKNOWN |
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
8.2 High
AI Score
Confidence
High
0.03 Low
EPSS
Percentile
91.0%