CVE-2023-46846

Medium

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response…

redhat·CWE-444·Published 2023-11-03

CVSS

5.3

EPSS

0.05

KEV

Exploits

cve.orgen

190 chars

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

NVDen

190 chars

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

NVDes

266 chars

SQUID es vulnerable al contrabando de solicitudes HTTP, causado por la indulgencia de los decodificadores fragmentados, lo que permite a un atacante remoto realizar el contrabando de solicitudes/respuestas a través del firewall y los sistemas de seguridad frontales.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
3.1	Primary	cve.org	9.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N