Lucene search

K
cvelistMitreCVELIST:CVE-2016-10002
HistoryJan 27, 2017 - 5:00 p.m.

CVE-2016-10002

2017-01-2717:00:00
mitre
www.cve.org

7.4 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.