Description

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

Remediation

References

CVE-2016-10003

Related Vulnerabilities

WordPress Plugin SEO Tools 'file' Parameter Directory Traversal (3.1.7)

MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)

Oracle Application Server Other Vulnerability (CVE-2007-3863)

Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4115)

EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5965)

Severity

High

Classification

CVE-2016-10003 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities