suse · CVE-2016-3948

Quick triage

Priority: high Published: 2021-05-30 13:41:00 UTC Updated: 2026-04-18 17:55:26 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-3948 severity important: SUSE including 15 source package names (squid, squid-3.3.14-20.2, …), 45 product×package rows across 39 product lines (HPE Helion OpenStack 8, SUSE Liberty Linux 7, … (39 product lines)): Known Not Affected 24, Fixed 21.

Description:

Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.

cvelogic Threat Intelligence