Lucene search
GoogleOSV:CVE-2016-1000107HistoryDec 10, 2019 - 6:15 p.m.
CVE-2016-1000107
2019-12-1018:15:09
Google
osv.dev
3
inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application’s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an “httpoxy” issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| otp | eq | OTP-21.3.6 | |
| otp | eq | OTP-18.3.4.5 | |
| otp | eq | OTP-22.0.4 | |
| otp | eq | OTP-20.3.8.3 | |
| otp | eq | OTP-19.3.1 | |
| otp | eq | OTP_R16B02 | |
| otp | eq | OTP-17.0.2 | |
| otp | eq | OTP-18.2.4.1 | |
| otp | eq | OTP-19.3.6.12 | |
| otp | eq | OTP-20.3.2.1 |
Related
prion
prion
Design/Logic Flaw
2019-12-10 18:15:00
ubuntucve
ubuntucve
CVE-2016-1000107
2019-12-10 00:00:00
cve
cve
CVE-2016-1000107
2019-12-10 18:15:09
debiancve
debiancve
CVE-2016-1000107
2019-12-10 18:15:09
redhatcve
redhatcve
CVE-2016-1000107
2020-04-16 09:33:30
cvelist
cvelist
CVE-2016-1000107
2019-12-10 17:32:33
nvd
nvd
CVE-2016-1000107
2019-12-10 18:15:09
rosalinux
rosalinux
Advisory ROSA-SA-2021-1829
2021-07-02 16:39:36
rapid7blog
rapid7blog
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
2021-01-29 14:20:22