Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/squid3@3.0.PRE5-5
Typedeb
Namespacedebian
Namesquid3
Version3.0.PRE5-5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.5.23-5+deb9u1
Latest_non_vulnerable_version3.5.23-5+deb9u1
Affected_by_vulnerabilities
0
url VCID-2fq8-mupa-gfc9
vulnerability_id VCID-2fq8-mupa-gfc9
summary Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4054.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4054.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4054
reference_id
reference_type
scores
0
value 0.79915
scoring_system epss
scoring_elements 0.99128
published_at 2026-06-07T12:55:00Z
1
value 0.79915
scoring_system epss
scoring_elements 0.99129
published_at 2026-06-05T12:55:00Z
2
value 0.79915
scoring_system epss
scoring_elements 0.9913
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4054
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1329136
reference_id 1329136
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1329136
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1138
reference_id RHSA-2016:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1138
15
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
16
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
17
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4054
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2fq8-mupa-gfc9
1
url VCID-2zct-5w44-gkag
vulnerability_id VCID-2zct-5w44-gkag
summary Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4053.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4053
reference_id
reference_type
scores
0
value 0.16544
scoring_system epss
scoring_elements 0.95028
published_at 2026-06-04T12:55:00Z
1
value 0.16544
scoring_system epss
scoring_elements 0.95037
published_at 2026-06-05T12:55:00Z
2
value 0.16544
scoring_system epss
scoring_elements 0.95038
published_at 2026-06-06T12:55:00Z
3
value 0.16544
scoring_system epss
scoring_elements 0.9504
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4053
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1329136
reference_id 1329136
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1329136
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1138
reference_id RHSA-2016:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1138
15
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
16
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
17
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4053
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zct-5w44-gkag
2
url VCID-4238-kt68-byew
vulnerability_id VCID-4238-kt68-byew
summary Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4052.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4052
reference_id
reference_type
scores
0
value 0.23622
scoring_system epss
scoring_elements 0.96087
published_at 2026-06-04T12:55:00Z
1
value 0.23622
scoring_system epss
scoring_elements 0.96092
published_at 2026-06-05T12:55:00Z
2
value 0.23622
scoring_system epss
scoring_elements 0.96095
published_at 2026-06-06T12:55:00Z
3
value 0.23622
scoring_system epss
scoring_elements 0.96096
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4052
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1329136
reference_id 1329136
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1329136
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1138
reference_id RHSA-2016:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1138
15
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
16
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
17
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4052
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4238-kt68-byew
3
url VCID-5f1a-x42j-eqhg
vulnerability_id VCID-5f1a-x42j-eqhg
summary Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5400.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5400.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5400
reference_id
reference_type
scores
0
value 0.24696
scoring_system epss
scoring_elements 0.96242
published_at 2026-06-04T12:55:00Z
1
value 0.24696
scoring_system epss
scoring_elements 0.96247
published_at 2026-06-05T12:55:00Z
2
value 0.24696
scoring_system epss
scoring_elements 0.96249
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5400
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5400
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1240741
reference_id 1240741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1240741
fixed_packages
0
url pkg:deb/debian/squid3@3.1.20-2.2%2Bdeb7u4
purl pkg:deb/debian/squid3@3.1.20-2.2%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fq8-mupa-gfc9
1
vulnerability VCID-2zct-5w44-gkag
2
vulnerability VCID-4238-kt68-byew
3
vulnerability VCID-5f1a-x42j-eqhg
4
vulnerability VCID-c1s2-z4na-afbf
5
vulnerability VCID-dzv1-2tmp-37hz
6
vulnerability VCID-kks8-56y6-6kew
7
vulnerability VCID-kqba-yqhn-hbav
8
vulnerability VCID-n33d-b5uw-1yf2
9
vulnerability VCID-pswa-8aa8-ukhw
10
vulnerability VCID-qajc-u4gq-vfbf
11
vulnerability VCID-tr27-d4mz-yydt
12
vulnerability VCID-vtfj-m8fv-67fz
13
vulnerability VCID-x6a1-9sht-uueb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.1.20-2.2%252Bdeb7u4
1
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fq8-mupa-gfc9
1
vulnerability VCID-2zct-5w44-gkag
2
vulnerability VCID-4238-kt68-byew
3
vulnerability VCID-c1s2-z4na-afbf
4
vulnerability VCID-dzv1-2tmp-37hz
5
vulnerability VCID-kks8-56y6-6kew
6
vulnerability VCID-kqba-yqhn-hbav
7
vulnerability VCID-n33d-b5uw-1yf2
8
vulnerability VCID-pswa-8aa8-ukhw
9
vulnerability VCID-qajc-u4gq-vfbf
10
vulnerability VCID-tr27-d4mz-yydt
11
vulnerability VCID-vtfj-m8fv-67fz
12
vulnerability VCID-x6a1-9sht-uueb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u2~bpo70%252B1
aliases CVE-2015-5400
risk_score 0.9
exploitability 0.5
weighted_severity 1.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5f1a-x42j-eqhg
4
url VCID-c1s2-z4na-afbf
vulnerability_id VCID-c1s2-z4na-afbf
summary client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4553.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4553.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4553
reference_id
reference_type
scores
0
value 0.82841
scoring_system epss
scoring_elements 0.99264
published_at 2026-06-04T12:55:00Z
1
value 0.82841
scoring_system epss
scoring_elements 0.99265
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4553
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1334233
reference_id 1334233
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1334233
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
15
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
16
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4553
risk_score 5.0
exploitability 2.0
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1s2-z4na-afbf
5
url VCID-dzv1-2tmp-37hz
vulnerability_id VCID-dzv1-2tmp-37hz
summary squid: Information disclosure in HTTP request processing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10002.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10002.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10002
reference_id
reference_type
scores
0
value 0.14676
scoring_system epss
scoring_elements 0.94606
published_at 2026-06-04T12:55:00Z
1
value 0.14676
scoring_system epss
scoring_elements 0.94615
published_at 2026-06-06T12:55:00Z
2
value 0.14676
scoring_system epss
scoring_elements 0.94617
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10002
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10002
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1405941
reference_id 1405941
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1405941
5
reference_url https://access.redhat.com/errata/RHSA-2017:0182
reference_id RHSA-2017:0182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0182
6
reference_url https://access.redhat.com/errata/RHSA-2017:0183
reference_id RHSA-2017:0183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0183
7
reference_url https://usn.ubuntu.com/3192-1/
reference_id USN-3192-1
reference_type
scores
url https://usn.ubuntu.com/3192-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-10002
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzv1-2tmp-37hz
6
url VCID-kks8-56y6-6kew
vulnerability_id VCID-kks8-56y6-6kew
summary The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000024
reference_id
reference_type
scores
0
value 0.09177
scoring_system epss
scoring_elements 0.92842
published_at 2026-06-04T12:55:00Z
1
value 0.09177
scoring_system epss
scoring_elements 0.92854
published_at 2026-06-05T12:55:00Z
2
value 0.09177
scoring_system epss
scoring_elements 0.9285
published_at 2026-06-06T12:55:00Z
3
value 0.09177
scoring_system epss
scoring_elements 0.92846
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000024
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1536939
reference_id 1536939
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1536939
6
reference_url https://access.redhat.com/errata/RHSA-2020:1068
reference_id RHSA-2020:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1068
7
reference_url https://usn.ubuntu.com/3557-1/
reference_id USN-3557-1
reference_type
scores
url https://usn.ubuntu.com/3557-1/
8
reference_url https://usn.ubuntu.com/4059-2/
reference_id USN-4059-2
reference_type
scores
url https://usn.ubuntu.com/4059-2/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
1
url pkg:deb/debian/squid3@3.5.23-5%2Bdeb9u1
purl pkg:deb/debian/squid3@3.5.23-5%2Bdeb9u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.5.23-5%252Bdeb9u1
aliases CVE-2018-1000024
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kks8-56y6-6kew
7
url VCID-kqba-yqhn-hbav
vulnerability_id VCID-kqba-yqhn-hbav
summary mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4554.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4554.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4554
reference_id
reference_type
scores
0
value 0.6886
scoring_system epss
scoring_elements 0.98645
published_at 2026-06-04T12:55:00Z
1
value 0.6886
scoring_system epss
scoring_elements 0.98646
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4554
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1334241
reference_id 1334241
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1334241
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1138
reference_id RHSA-2016:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1138
15
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
16
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
17
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4554
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqba-yqhn-hbav
8
url VCID-n33d-b5uw-1yf2
vulnerability_id VCID-n33d-b5uw-1yf2
summary Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4051.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4051.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4051
reference_id
reference_type
scores
0
value 0.05912
scoring_system epss
scoring_elements 0.90775
published_at 2026-06-04T12:55:00Z
1
value 0.05912
scoring_system epss
scoring_elements 0.90788
published_at 2026-06-06T12:55:00Z
2
value 0.05912
scoring_system epss
scoring_elements 0.90786
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4051
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1329126
reference_id 1329126
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1329126
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1138
reference_id RHSA-2016:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1138
15
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
16
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
17
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4051
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n33d-b5uw-1yf2
9
url VCID-pswa-8aa8-ukhw
vulnerability_id VCID-pswa-8aa8-ukhw
summary http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2571.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2571.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2571
reference_id
reference_type
scores
0
value 0.14329
scoring_system epss
scoring_elements 0.94533
published_at 2026-06-04T12:55:00Z
1
value 0.14329
scoring_system epss
scoring_elements 0.94542
published_at 2026-06-05T12:55:00Z
2
value 0.14329
scoring_system epss
scoring_elements 0.94543
published_at 2026-06-06T12:55:00Z
3
value 0.14329
scoring_system epss
scoring_elements 0.94545
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2571
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2571
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1312262
reference_id 1312262
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1312262
4
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
5
reference_url https://access.redhat.com/errata/RHSA-2016:2600
reference_id RHSA-2016:2600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2600
6
reference_url https://usn.ubuntu.com/2921-1/
reference_id USN-2921-1
reference_type
scores
url https://usn.ubuntu.com/2921-1/
7
reference_url https://usn.ubuntu.com/3557-1/
reference_id USN-3557-1
reference_type
scores
url https://usn.ubuntu.com/3557-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.1.20-2.2%2Bdeb7u4
purl pkg:deb/debian/squid3@3.1.20-2.2%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fq8-mupa-gfc9
1
vulnerability VCID-2zct-5w44-gkag
2
vulnerability VCID-4238-kt68-byew
3
vulnerability VCID-5f1a-x42j-eqhg
4
vulnerability VCID-c1s2-z4na-afbf
5
vulnerability VCID-dzv1-2tmp-37hz
6
vulnerability VCID-kks8-56y6-6kew
7
vulnerability VCID-kqba-yqhn-hbav
8
vulnerability VCID-n33d-b5uw-1yf2
9
vulnerability VCID-pswa-8aa8-ukhw
10
vulnerability VCID-qajc-u4gq-vfbf
11
vulnerability VCID-tr27-d4mz-yydt
12
vulnerability VCID-vtfj-m8fv-67fz
13
vulnerability VCID-x6a1-9sht-uueb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.1.20-2.2%252Bdeb7u4
1
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-2571
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pswa-8aa8-ukhw
10
url VCID-qajc-u4gq-vfbf
vulnerability_id VCID-qajc-u4gq-vfbf
summary Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4556.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4556.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4556
reference_id
reference_type
scores
0
value 0.56857
scoring_system epss
scoring_elements 0.98172
published_at 2026-06-04T12:55:00Z
1
value 0.56857
scoring_system epss
scoring_elements 0.98174
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4556
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1334786
reference_id 1334786
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1334786
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1138
reference_id RHSA-2016:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1138
15
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
16
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
17
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4556
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qajc-u4gq-vfbf
11
url VCID-t7px-3uvt-a3hn
vulnerability_id VCID-t7px-3uvt-a3hn
summary HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3609.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3609.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3609
reference_id
reference_type
scores
0
value 0.8285
scoring_system epss
scoring_elements 0.99265
published_at 2026-06-04T12:55:00Z
1
value 0.8285
scoring_system epss
scoring_elements 0.99266
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3609
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1134209
reference_id 1134209
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1134209
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776194
reference_id 776194
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776194
5
reference_url https://access.redhat.com/errata/RHSA-2014:1147
reference_id RHSA-2014:1147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1147
6
reference_url https://access.redhat.com/errata/RHSA-2014:1148
reference_id RHSA-2014:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1148
7
reference_url https://usn.ubuntu.com/2327-1/
reference_id USN-2327-1
reference_type
scores
url https://usn.ubuntu.com/2327-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.1.20-2.2%2Bdeb7u4
purl pkg:deb/debian/squid3@3.1.20-2.2%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fq8-mupa-gfc9
1
vulnerability VCID-2zct-5w44-gkag
2
vulnerability VCID-4238-kt68-byew
3
vulnerability VCID-5f1a-x42j-eqhg
4
vulnerability VCID-c1s2-z4na-afbf
5
vulnerability VCID-dzv1-2tmp-37hz
6
vulnerability VCID-kks8-56y6-6kew
7
vulnerability VCID-kqba-yqhn-hbav
8
vulnerability VCID-n33d-b5uw-1yf2
9
vulnerability VCID-pswa-8aa8-ukhw
10
vulnerability VCID-qajc-u4gq-vfbf
11
vulnerability VCID-tr27-d4mz-yydt
12
vulnerability VCID-vtfj-m8fv-67fz
13
vulnerability VCID-x6a1-9sht-uueb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.1.20-2.2%252Bdeb7u4
aliases CVE-2014-3609
risk_score 1.4
exploitability 2.0
weighted_severity 0.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t7px-3uvt-a3hn
12
url VCID-tr27-d4mz-yydt
vulnerability_id VCID-tr27-d4mz-yydt
summary Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3948.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3948.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3948
reference_id
reference_type
scores
0
value 0.69622
scoring_system epss
scoring_elements 0.98676
published_at 2026-06-04T12:55:00Z
1
value 0.69622
scoring_system epss
scoring_elements 0.98677
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3948
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv2
scoring_elements AV:A/AC:M/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1323594
reference_id 1323594
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1323594
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:2600
reference_id RHSA-2016:2600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2600
15
reference_url https://usn.ubuntu.com/3557-1/
reference_id USN-3557-1
reference_type
scores
url https://usn.ubuntu.com/3557-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-3948
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tr27-d4mz-yydt
13
url VCID-vtfj-m8fv-67fz
vulnerability_id VCID-vtfj-m8fv-67fz
summary The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000027
reference_id
reference_type
scores
0
value 0.65998
scoring_system epss
scoring_elements 0.9853
published_at 2026-06-04T12:55:00Z
1
value 0.65998
scoring_system epss
scoring_elements 0.98533
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000027
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000024
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000027
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1536942
reference_id 1536942
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1536942
6
reference_url https://access.redhat.com/errata/RHSA-2020:1068
reference_id RHSA-2020:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1068
7
reference_url https://usn.ubuntu.com/3557-1/
reference_id USN-3557-1
reference_type
scores
url https://usn.ubuntu.com/3557-1/
8
reference_url https://usn.ubuntu.com/4059-2/
reference_id USN-4059-2
reference_type
scores
url https://usn.ubuntu.com/4059-2/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
1
url pkg:deb/debian/squid3@3.5.23-5%2Bdeb9u1
purl pkg:deb/debian/squid3@3.5.23-5%2Bdeb9u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.5.23-5%252Bdeb9u1
aliases CVE-2018-1000027
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtfj-m8fv-67fz
14
url VCID-x6a1-9sht-uueb
vulnerability_id VCID-x6a1-9sht-uueb
summary client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4555.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4555.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4555
reference_id
reference_type
scores
0
value 0.62841
scoring_system epss
scoring_elements 0.98404
published_at 2026-06-04T12:55:00Z
1
value 0.62841
scoring_system epss
scoring_elements 0.98407
published_at 2026-06-05T12:55:00Z
2
value 0.62841
scoring_system epss
scoring_elements 0.98408
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4555
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3948
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4553
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4554
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4555
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4556
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1334246
reference_id 1334246
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1334246
13
reference_url https://security.gentoo.org/glsa/201607-01
reference_id GLSA-201607-01
reference_type
scores
url https://security.gentoo.org/glsa/201607-01
14
reference_url https://access.redhat.com/errata/RHSA-2016:1139
reference_id RHSA-2016:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1139
15
reference_url https://access.redhat.com/errata/RHSA-2016:1140
reference_id RHSA-2016:1140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1140
16
reference_url https://usn.ubuntu.com/2995-1/
reference_id USN-2995-1
reference_type
scores
url https://usn.ubuntu.com/2995-1/
fixed_packages
0
url pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
purl pkg:deb/debian/squid3@3.4.8-6%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kks8-56y6-6kew
1
vulnerability VCID-vtfj-m8fv-67fz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.4.8-6%252Bdeb8u5
aliases CVE-2016-4555
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x6a1-9sht-uueb
Fixing_vulnerabilities
Risk_score5.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/squid3@3.0.PRE5-5