CVE-2023-46846 Information

Share on:

Nov 04, 2023 cve

Description

SQUID is vulnerable to HTTP request smuggling caused by chunked decoder lenience allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

Reference

https://access.redhat.com/errata/RHSA-2023:6266 https://access.redhat.com/errata/RHSA-2023:6267 https://access.redhat.com/errata/RHSA-2023:6268 https://access.redhat.com/security/cve/CVE-2023-46846 https://bugzilla.redhat.com/show_bug.cgi?id=2245910 https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh