CVE-2016-10739 -- glibc-sourceID: oval:org.secpod.oval:def:1902200 | Date: (C)2019-07-12 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
In the GNU C Library through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.10 |
Ubuntu 18.04 |