In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-01-21T19:00:00

Updated: 2024-08-06T03:30:20.151Z

Reserved: 2019-01-21T00:00:00

Link: CVE-2016-10739

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-01-21T19:29:00.247

Modified: 2024-11-21T02:44:38.177

Link: CVE-2016-10739

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-04-28T00:00:00Z

Links: CVE-2016-10739 - Bugzilla