OVAL

DSA-3625-1 squid3 -- squid3

ID: oval:org.secpod.oval:def:602563
Date: (C)2016-07-26   (M)2023-12-20
Class: PATCH
Family: unix




Several security issues have been discovered in the Squid caching proxy.

CVE-2016-4051: CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid.

CVE-2016-4052: CESG discovered that a buffer overflow made Squid vulnerable to a Denial of Service attack when processing ESI responses.

CVE-2016-4053: CESG found that Squid was vulnerable to public information disclosure of the server stack layout when processing ESI responses.

CVE-2016-4054: CESG discovered that Squid was vulnerable to remote code execution when processing ESI responses.

CVE-2016-4554: Jianjun Chen found that Squid was vulnerable to a header smuggling attack that could lead to cache poisoning and to bypass of same-origin security policy in Squid and some client browsers.

CVE-2016-4555, CVE-2016-4556: "bfek-18" and "@vftable" found that Squid was vulnerable to a Denial of Service attack when processing ESI responses, due to incorrect pointer handling and reference counting.

Platform:
Debian 8.x
Product:
squid3
Reference:
DSA-3625-1
CVE-2016-4051
CVE-2016-4052
CVE-2016-4053
CVE-2016-4054
CVE-2016-4554
CVE-2016-4555
CVE-2016-4556
CPE    2
cpe:/a:squid-cache:squid3
cpe:/o:debian:debian_linux:8.x

© SecPod Technologies