Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2016-10003

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

Published: Jan 27, 2017
Updated: Nov 9, 2025
CVE: CVE-2016-10003
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200
CWE-697

Affected Software
References

Software	From	Fixed in
squid-cache / squid	4.0.1	4.0.17
squid-cache / squid	3.5.0.1	3.5.23

http://www.openwall.com/lists/oss-security/2016/12/18/1
http://www.securityfocus.com/bid/94953
http://www.securitytracker.com/id/1037512
http://www.squid-cache.org/Advisories/SQUID-2016_10.txt

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo