High severity7.5NVD Advisory· Published Jan 27, 2017· Updated Jun 17, 2026
CVE-2016-10003
CVE-2016-10003
Description
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords4 versionspkg:rpm/opensuse/squid&distro=openSUSE%20Tumbleweedpkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
< 4.16-1.5+ 3 more
- (no CPE)range: < 4.16-1.5
- (no CPE)range: < 3.5.21-25.1
- (no CPE)range: < 3.5.21-25.1
- (no CPE)range: < 3.5.21-25.1
Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2016/12/18/1nvdMailing ListPatchThird Party Advisory
- www.squid-cache.org/Advisories/SQUID-2016_10.txtnvdPatchVendor Advisory
- www.securityfocus.com/bid/94953nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037512nvdBroken LinkThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.