VDB

GCVE-110-MAGEIA-2016-296

GCVE-110-MAGEIA-2016-296
Advisory Published
Vulnetix · Advisory published August 31, 2016
Fix for CVE-2016-1000110 HTTPoxy attack. Many software projects and vendors have implemented support for the “Proxy” request header in their respective CGI implementations and languages by creating the “HTTP_PROXY” environmental variable based on the header value. When this variable is used (in many cases automatically by various HTTP client libraries) any outgoing requests generated in turn from the attackers original request can be redirected to an attacker controlled proxy. This allows attackers to view potentially sensitive information, reply with malformed data, or to hold connections open causing a potential denial of service.

Affected Products

VendorProductVersionsPlatforms
Mageiapython30 (affected), 3.4.3-1.5.mga5 (unaffected)
Mageiapython0 (affected), 2.7.9-2.4.mga5 (unaffected)
AWSconnect

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›