| Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-2570 | 5.0 |
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML d
|
16-03-2018 - 01:29 | 27-02-2016 - 05:59 | |
| CVE-2016-3948 | 5.0 |
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
|
16-03-2018 - 01:29 | 07-04-2016 - 18:59 | |
| CVE-2016-2569 | 5.0 |
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary heade
|
16-03-2018 - 01:29 | 27-02-2016 - 05:59 | |
| CVE-2016-2571 | 5.0 |
http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed resp
|
16-03-2018 - 01:29 | 27-02-2016 - 05:59 | |
| CVE-2016-2572 | 5.0 |
http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
|
05-01-2018 - 02:30 | 27-02-2016 - 05:59 | |
| CVE-2016-10002 | 5.0 |
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack req
|
05-01-2018 - 02:30 | 27-01-2017 - 17:59 |