CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
82.8%
squid is vulnerable to Denial Of Service (DoS). In this context, a remote attacker could potentially perform a Denial of Service (DoS) attack by sending FTP URLs in HTTP Request messages or by constructing FTP URLs from FTP Native input. This type of attack might lead to service disruption or unresponsiveness.
access.redhat.com/errata/RHSA-2023:6266
access.redhat.com/errata/RHSA-2023:6268
access.redhat.com/errata/RHSA-2023:6748
access.redhat.com/security/cve/CVE-2023-46848
bugzilla.redhat.com/show_bug.cgi?id=2245919
github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
security-tracker.debian.org/tracker/CVE-2023-46848
security.netapp.com/advisory/ntap-20231214-0005/