ODIN | CVE Details

Products

Cyber threat intelligence platform

Threat detection and intelligence capabilities built for federal bodies

Identify, Prioritize and Mitigate darkweb risks

The Cyber Express

Cyber Security News and Magazine

Search

Hosts Exposed Buckets Exposed Files

Resources

API Documentation Platform Guide ODIN CLI Postman SDKs

Go Python JavaScript

Contact Us

[email protected]

Legal

Terms of Service Security Disclosure Policy Privacy Policy

Leading Threat Intelligence Company

LinkedIn Twitter X Youtube

LinkedIn Github Medium Twitter X Youtube

Made with ❤️ from Cupertino

© 2026 Cyble Inc. All Rights Reserved.

172.233.201.94

Summary CVE Details Raw Data

Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.

5984/http-proxy

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.

5984/http-proxy

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

5984/http-proxy

CVE-2023-24038

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Services

22/ssh

8.5

CVE-2023-24038

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Services

22/ssh

8.5

CVE-2023-24038

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Services

22/ssh

8.5

CVE-2023-24038

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Services

22/ssh

8.5

27 Jan 2026, 06:34:53 UTC