vulnerability

Ubuntu: USN-2995-1 (CVE-2016-4555): Squid vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

May 10, 2016

Added

Jun 9, 2016

Modified

Mar 27, 2026

Description

client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.

Solutions

ubuntu-upgrade-squid-cgiubuntu-upgrade-squid3

References

CVE-2016-4555
https://attackerkb.com/topics/CVE-2016-4555
CWE-20
DEBIAN-DLA-478-1
DEBIAN-DSA-3625
EUVD-EUVD-2016-5542
NVD-CVE-2016-4555
UBUNTU-USN-2995-1
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-5542

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report