Уязвимость CVE-2016-1000107

Релиз	Статус	Примечание
artful	ignored
devel	ignored
esm-infra-legacy/trusty	ignored	trusty was ignored
esm-infra/xenial	ignored
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	ignored
trusty/esm	ignored	end of ESM support, was ignored [trusty was ignored]
upstream	needs-triage
vivid/stable-phone-overlay	DNE

CVE-2016-1000107

CVSS3: 6.1

redhat

около 6 лет назад

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

CVE-2016-1000107

CVSS3: 6.1

nvd

около 6 лет назад

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

CVE-2016-1000107

CVSS3: 6.1

debian

около 6 лет назад

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ...

GHSA-v875-g963-fhg4

CVSS3: 6.1

github

больше 3 лет назад

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

exploitDog

CVE-2016-1000107

Описание

Ссылки на источники

Связанные уязвимости

CVE-2016-1000107

Описание

Пакет erlang

Ссылки на источники

Связанные уязвимости