1. Home
  2. Vulnerabilities
  3. CVE-2016-10003

CVE-2016-10003

CVSS v3.1 7.5 (High)
75% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.32 % (71th)
0.32% Progress
Affected Products 1
Advisories 7
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

Weaknesses
CWE-697
Incorrect Comparison
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2017-01-27 17:59:00
(7 years ago)
Updated Date
2024-02-02 03:03:55
(7 months ago)

Affected Products

Squid-cache

Configuration #1

    CPE23 From Up To
  Squid-cache Squid from 3.5.0.1 version and prior 3.5.23 version cpe:2.3:a:squid-cache:squid >= 3.5.0.1 < 3.5.23
  Squid-cache Squid from 4.0.1 version and prior 4.0.17 version cpe:2.3:a:squid-cache:squid >= 4.0.1 < 4.0.17