vulnerability
Huawei EulerOS: CVE-2016-2570: squid security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 27, 2016 | Nov 30, 2017 | Aug 13, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Feb 27, 2016
Added
Nov 30, 2017
Modified
Aug 13, 2025
Description
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.
Solutions
huawei-euleros-2_0_sp1-upgrade-squidhuawei-euleros-2_0_sp1-upgrade-squid-migration-script
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.