CVE-2016-2570
- Source
- https://cve.org/CVERecord?id=CVE-2016-2570
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2570.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-2570
- Downstream
- Related
- Published
- 2016-02-27T05:59:04.797Z
- Modified
- 2026-03-15T22:07:36.877384Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13993.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14549.patch
- https://usn.ubuntu.com/3557-1/
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html
- http://www.openwall.com/lists/oss-security/2016/02/26/2
- http://www.securitytracker.com/id/1035101
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://rhn.redhat.com/errata/RHSA-2016-2600.html
- https://security.gentoo.org/glsa/201607-01
Affected packages
Git / github.com/squid-cache/squid
Affected ranges
- Type
- GIT
- Repo
- https://github.com/squid-cache/squid
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "3.0.stable1" }, { "introduced": "0" }, { "last_affected": "3.0.stable2" }, { "introduced": "0" }, { "last_affected": "3.0.stable3" }, { "introduced": "0" }, { "last_affected": "3.0.stable4" }, { "introduced": "0" }, { "last_affected": "3.0.stable5" }, { "introduced": "0" }, { "last_affected": "3.0.stable6" }, { "introduced": "0" }, { "last_affected": "3.0.stable7" }, { "introduced": "0" }, { "last_affected": "3.0.stable8" }, { "introduced": "0" }, { "last_affected": "3.0.stable9" }, { "introduced": "0" }, { "last_affected": "3.0.stable10" }, { "introduced": "0" }, { "last_affected": "3.0.stable11" }, { "introduced": "0" }, { "last_affected": "3.0.stable11-rc1" }, { "introduced": "0" }, { "last_affected": "3.0.stable12" }, { "introduced": "0" }, { "last_affected": "3.0.stable13" }, { "introduced": "0" }, { "last_affected": "3.0.stable14" }, { "introduced": "0" }, { "last_affected": "3.0.stable15" }, { "introduced": "0" }, { "last_affected": "3.0.stable16" }, { "introduced": "0" }, { "last_affected": "3.0.stable16-rc1" }, { "introduced": "0" }, { "last_affected": "3.0.stable17" }, { "introduced": "0" }, { "last_affected": "3.0.stable18" }, { "introduced": "0" }, { "last_affected": "3.0.stable19" }, { "introduced": "0" }, { "last_affected": "3.0.stable20" }, { "introduced": "0" }, { "last_affected": "3.0.stable21" }, { "introduced": "0" }, { "last_affected": "3.0.stable22" }, { "introduced": "0" }, { "last_affected": "3.0.stable23" }, { "introduced": "0" }, { "last_affected": "3.0.stable24" }, { "introduced": "0" }, { "last_affected": "3.0.stable25" }, { "introduced": "0" }, { "last_affected": "3.1" }, { "introduced": "0" }, { "last_affected": "3.1.0.1" }, { "introduced": "0" }, { "last_affected": "3.1.0.2" }, { "introduced": "0" }, { "last_affected": "3.1.0.3" }, { "introduced": "0" }, { "last_affected": "3.1.0.4" }, { "introduced": "0" }, { "last_affected": "3.1.0.5" }, { "introduced": "0" }, { "last_affected": "3.1.0.6" }, { "introduced": "0" }, { "last_affected": "3.1.0.7" }, { "introduced": "0" }, { "last_affected": "3.1.0.8" }, { "introduced": "0" }, { "last_affected": "3.1.0.9" }, { "introduced": "0" }, { "last_affected": "3.1.0.10" }, { "introduced": "0" }, { "last_affected": "3.1.0.11" }, { "introduced": "0" }, { "last_affected": "3.1.0.12" }, { "introduced": "0" }, { "last_affected": "3.1.0.13" }, { "introduced": "0" }, { "last_affected": "3.1.0.14" }, { "introduced": "0" }, { "last_affected": "3.1.0.15" }, { "introduced": "0" }, { "last_affected": "3.1.0.16" }, { "introduced": "0" }, { "last_affected": "3.1.0.17" }, { "introduced": "0" }, { "last_affected": "3.1.0.18" }, { "introduced": "0" }, { "last_affected": "3.1.1" }, { "introduced": "0" }, { "last_affected": "3.1.2" }, { "introduced": "0" }, { "last_affected": "3.1.3" }, { "introduced": "0" }, { "last_affected": "3.1.4" }, { "introduced": "0" }, { "last_affected": "3.1.5" }, { "introduced": "0" }, { "last_affected": "3.1.5.1" }, { "introduced": "0" }, { "last_affected": "3.1.6" }, { "introduced": "0" }, { "last_affected": "3.1.7" }, { "introduced": "0" }, { "last_affected": "3.1.8" }, { "introduced": "0" }, { "last_affected": "3.1.9" }, { "introduced": "0" }, { "last_affected": "3.1.10" }, { "introduced": "0" }, { "last_affected": "3.1.11" }, { "introduced": "0" }, { "last_affected": "3.1.12" }, { "introduced": "0" }, { "last_affected": "3.1.13" }, { "introduced": "0" }, { "last_affected": "3.1.14" }, { "introduced": "0" }, { "last_affected": "3.1.15" }, { "introduced": "0" }, { "last_affected": "3.2.0.1" }, { "introduced": "0" }, { "last_affected": "3.2.0.2" }, { "introduced": "0" }, { "last_affected": "3.2.0.3" }, { "introduced": "0" }, { "last_affected": "3.2.0.4" }, { "introduced": "0" }, { "last_affected": "3.2.0.5" }, { "introduced": "0" }, { "last_affected": "3.2.0.6" }, { "introduced": "0" }, { "last_affected": "3.2.0.7" }, { "introduced": "0" }, { "last_affected": "3.2.0.8" }, { "introduced": "0" }, { "last_affected": "3.2.0.9" }, { "introduced": "0" }, { "last_affected": "3.2.0.10" }, { "introduced": "0" }, { "last_affected": "3.2.0.11" }, { "introduced": "0" }, { "last_affected": "3.2.0.12" }, { "introduced": "0" }, { "last_affected": "3.2.0.13" }, { "introduced": "0" }, { "last_affected": "3.2.0.14" }, { "introduced": "0" }, { "last_affected": "3.2.0.15" }, { "introduced": "0" }, { "last_affected": "3.2.0.16" }, { "introduced": "0" }, { "last_affected": "3.2.0.17" }, { "introduced": "0" }, { "last_affected": "3.2.0.18" }, { "introduced": "0" }, { "last_affected": "3.2.0.19" }, { "introduced": "0" }, { "last_affected": "3.2.1" }, { "introduced": "0" }, { "last_affected": "3.2.2" }, { "introduced": "0" }, { "last_affected": "3.2.3" }, { "introduced": "0" }, { "last_affected": "3.2.4" }, { "introduced": "0" }, { "last_affected": "3.2.5" }, { "introduced": "0" }, { "last_affected": "3.2.6" }, { "introduced": "0" }, { "last_affected": "3.2.7" }, { "introduced": "0" }, { "last_affected": "3.2.8" }, { "introduced": "0" }, { "last_affected": "3.2.9" }, { "introduced": "0" }, { "last_affected": "3.2.10" }, { "introduced": "0" }, { "last_affected": "3.2.11" }, { "introduced": "0" }, { "last_affected": "3.2.12" }, { "introduced": "0" }, { "last_affected": "3.2.13" }, { "introduced": "0" }, { "last_affected": "3.3.0.2" }, { "introduced": "0" }, { "last_affected": "3.3.0.3" }, { "introduced": "0" }, { "last_affected": "3.3.1" }, { "introduced": "0" }, { "last_affected": "3.3.2" }, { "introduced": "0" }, { "last_affected": "3.3.3" }, { "introduced": "0" }, { "last_affected": "3.3.4" }, { "introduced": "0" }, { "last_affected": "3.3.5" }, { "introduced": "0" }, { "last_affected": "3.3.6" }, { "introduced": "0" }, { "last_affected": "3.3.7" }, { "introduced": "0" }, { "last_affected": "3.3.8" }, { "introduced": "0" }, { "last_affected": "3.3.9" }, { "introduced": "0" }, { "last_affected": "3.3.10" }, { "introduced": "0" }, { "last_affected": "3.3.11" }, { "introduced": "0" }, { "last_affected": "3.3.12" }, { "introduced": "0" }, { "last_affected": "3.3.13" }, { "introduced": "0" }, { "last_affected": "3.4.0.1" }, { "introduced": "0" }, { "last_affected": "3.4.0.2" }, { "introduced": "0" }, { "last_affected": "3.4.0.3" }, { "introduced": "0" }, { "last_affected": "3.4.1" }, { "introduced": "0" }, { "last_affected": "3.4.2" }, { "introduced": "0" }, { "last_affected": "3.4.3" }, { "introduced": "0" }, { "last_affected": "3.4.4" }, { "introduced": "0" }, { "last_affected": "3.4.8" }, { "introduced": "0" }, { "last_affected": "3.4.9" }, { "introduced": "0" }, { "last_affected": "3.4.10" }, { "introduced": "0" }, { "last_affected": "3.4.11" }, { "introduced": "0" }, { "last_affected": "3.4.12" }, { "introduced": "0" }, { "last_affected": "3.4.13" }, { "introduced": "0" }, { "last_affected": "3.5.0.1" }, { "introduced": "0" }, { "last_affected": "3.5.0.2" }, { "introduced": "0" }, { "last_affected": "3.5.0.3" }, { "introduced": "0" }, { "last_affected": "3.5.0.4" }, { "introduced": "0" }, { "last_affected": "3.5.1" }, { "introduced": "0" }, { "last_affected": "4.0.1" }, { "introduced": "0" }, { "last_affected": "4.0.2" }, { "introduced": "0" }, { "last_affected": "4.0.3" }, { "introduced": "0" }, { "last_affected": "4.0.4" }, { "introduced": "0" }, { "last_affected": "4.0.5" }, { "introduced": "0" }, { "last_affected": "4.0.6" } ] }
Affected versions
Other
BASIC_TPROXY4
HISTORIC_RELEASES
SQUID_3_0_PRE1
SQUID_3_0_PRE2
SQUID_3_0_PRE3
SQUID_3_0_PRE4
SQUID_3_0_PRE5
SQUID_3_0_PRE6
SQUID_3_0_PRE7
SQUID_3_0_RC1
SQUID_3_0_STABLE1
SQUID_3_1_0_1
SQUID_3_2_0_1
SQUID_3_3_0_1
SQUID_3_3_0_2
SQUID_3_4_0_1
SQUID_3_5_0_1
for-libecap-v0p1
merge-candidate-3-v1
sourceformat-review-1
take00
take01
take02
take03
take04
take06
take07
take08
take09
take1
take2
BumpSslServerFirst.*
BumpSslServerFirst.take01
BumpSslServerFirst.take02
BumpSslServerFirst.take03
BumpSslServerFirst.take04
BumpSslServerFirst.take05
BumpSslServerFirst.take06
BumpSslServerFirst.take07
BumpSslServerFirst.take08
BumpSslServerFirst.take09
BumpSslServerFirst.take10
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-rc4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.3.0"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2570.json"