Back to search
CVE-2016-10739
Published: Jan 21, 2019
Modified: Aug 6, 2024
PUBLISHED
Description
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
x_refsource_MISC
106672
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
x_refsource_MISC
openSUSE-SU-2019:1250
vendor-advisory
x_refsource_SUSE
RHSA-2019:2118
vendor-advisory
x_refsource_REDHAT
RHSA-2019:3513
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now