CVE-2016-4053
Description
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
Risk Information
Base Score
3.7
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
9.506
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Web proxy cache server (USN-2995-1) squid3_3.3.8-1ubuntu6.8_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid3_3.3.8-1ubuntu16.3_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid3_3.3.8-1ubuntu16.3_amd64.deb | Linux |
| Web proxy cache server (USN-2995-1) squid-cgi_3.3.8-1ubuntu16.3_i386.deb | Linux |
| Web proxy cache server (USN-2995-1) squid-cgi_3.3.8-1ubuntu16.3_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234