VDB
GCVE-110-MAGEIA-2016-398
GCVE-110-MAGEIA-2016-398
Advisory Published
Dominic Scheirlinck and Scott Geary of Vend reported an insecure behaviour
in the lighttpd web server. Lighttpd assigned Proxy header values from
client requests to internal HTTP_PROXY environment variables. This could
be used to carry out Man in the Middle Attacks (MIDM) or create
connections to arbitrary hosts (CVE-2016-1000212).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | lighttpd | 0 (affected), 1.4.37-1.1.mga5 (unaffected) | — |
Browse GCVE Records
73,118 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.