CVE-2016-10003
Description
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.976
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Web proxy cache server (USN-2995-1) squid3_3.5.12-1ubuntu7.3_all.deb | Linux |
| Web proxy cache server (USN-2995-1) squid3_3.1.19-1ubuntu3.12.04.8_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid3_3.1.19-1ubuntu3.12.04.8_amd64.deb | Linux |
| Web proxy cache server (USN-3192-1) squid3_3.3.8-1ubuntu6.9_i386.deb | Linux |
| Web proxy cache server (USN-3192-1) squid3_3.3.8-1ubuntu6.9_amd64.deb | Linux |
| Web proxy cache server (USN-3192-1) squid3_3.5.12-1ubuntu7.3_all.deb | Linux |
| Web proxy cache server (USN-3192-1) squid3_3.5.12-1ubuntu8.1_all.deb | Linux |
| Web proxy cache server (USN-3192-1) squid3_3.1.19-1ubuntu3.12.04.8_i386.deb | Linux |
| Web proxy cache server (USN-3192-1) squid3_3.1.19-1ubuntu3.12.04.8_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234