Launchpad CVE tracker

CVE 2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

Related bugs and status

CVE-2023-46846 (Candidate) is related to these bugs:

Bug #2040426: Merge squid from Debian unstable for noble

Summary				In	Importance	Status
	2040426	Merge squid from Debian unstable for noble		squid (Ubuntu)	Undecided	Fix Released

Bug #2041837: squid:update to 6.4+ get fixes for CVEs

		In	Importance	Status
2041837	squid:update to 6.4+ get fixes for CVEs	Ubuntu Docker Images	Undecided	New
2041837	squid:update to 6.4+ get fixes for CVEs	squid (Ubuntu)	Undecided	Fix Released
2041837	squid:update to 6.4+ get fixes for CVEs	squid (Ubuntu Mantic)	Undecided	Fix Released
2041837	squid:update to 6.4+ get fixes for CVEs	squid (Ubuntu Noble)	Undecided	Fix Released
2041837	squid:update to 6.4+ get fixes for CVEs	squid (Ubuntu Lunar)	Undecided	Won't Fix
2041837	squid:update to 6.4+ get fixes for CVEs	squid (Ubuntu Jammy)	Undecided	Fix Released
2041837	squid:update to 6.4+ get fixes for CVEs	squid (Ubuntu Focal)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2023-46846

References