Unrated severityNVD Advisory· Published Nov 3, 2023· Updated Nov 6, 2025

Squid: dos against http and https

CVE-2023-5824

Description

A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Red Hat/Enterprise Linux Servercpe-rescue4 versions
cpe:/a:redhat:enterprise_linux:8::appstream+ 3 more
- cpe:/a:redhat:enterprise_linux:8::appstreamrange: 8090020231130092412.a75119d5
- cpe:/a:redhat:enterprise_linux:9::appstreamrange: 7:5.5-6.el9_3.2
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
Red Hat/Enterprise Linux Update Services For Sap Solutionscpe-rescue2 versions
cpe:/a:redhat:rhel_e4s:8.4::appstream+ 1 more
- cpe:/a:redhat:rhel_e4s:8.4::appstreamrange: 8040020240122165847.522a0ee4
- cpe:/a:redhat:rhel_tus:8.2::appstreamrange: 8020020240122164331.4cda2c84
Red Hat/Red Hat Enterprise Linux 8.6 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.6::appstream
Range: 8060020231222131040.ad008a3a
Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.8::appstream
Range: 8080020231222130009.63b34585
Red Hat/Red Hat Enterprise Linux 9.0 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.0::appstream
Range: 7:5.2-1.el9_0.4
Red Hat/Red Hat Enterprise Linux 9.2 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.2::appstream
Range: 7:5.5-5.el9_2.3
Squidex/Squidexllm-fuzzy
osv-coords4 versions
pkg:rpm/almalinux/libecap pkg:rpm/almalinux/libecap-devel pkg:rpm/almalinux/squid pkg:rpm/opensuse/squid&distro=openSUSE%20Tumbleweed
< 1.0.1-2.module_el8.6.0+2741+01592ae8+ 3 more
- (no CPE)range: < 1.0.1-2.module_el8.6.0+2741+01592ae8
- (no CPE)range: < 1.0.1-2.module_el8.6.0+2741+01592ae8
- (no CPE)range: < 7:5.5-6.el9_3.2
- (no CPE)range: < 6.4-1.1

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2023:7465mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2023:7668mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0072mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0397mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0771mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0772mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0773mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:1153mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-5824mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000