Squid · Squid · CVE-2016-3948
**Name of the Vulnerable Software and Affected Versions**
Squid versions 3.x through 3.5.15
Squid versions 4.x through 4.0.7
**Description**
The issue is related to improper bounds checking, which can be exploited by remote attackers to cause a denial of service via a crafted HTTP response. This is specifically related to Vary headers.
**Recommendations**
For Squid versions 3.x through 3.5.15, update to version 3.5.16 or later.
For Squid versions 4.x through 4.0.7, update to version 4.0.8 or later.