Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Squid Reachable Assertion Vulnerability (CVE-2023-49286)

Description

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Remediation

References

Related Vulnerabilities

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3541)

WordPress 4.9.x Cross-Site Request Forgery (4.9 - 4.9.9)

WordPress Plugin Testimonials Widget Cross-Site Scripting (3.5.1)

WordPress Plugin Category Grid View Gallery TimThumb Arbitrary File Upload (0.1.1)

Oracle JRE CVE-2020-14779 Vulnerability (CVE-2020-14779)

Severity

High

Classification

CVE-2023-49286 CWE-617 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities