VDB

GCVE-110-MAGEIA-2016-80

GCVE-110-MAGEIA-2016-80
Advisory Published
Vulnetix · Advisory published February 19, 2016
A request smuggling vulnerability was found in Node.js that can be exploited under certain unspecified circumstances (CVE-2016-2086). It was reported that HTTP header parsing in Node.js is vulnerable to response splitting attacks. While Node.js has been protecting against response splitting attacks by checking for CRLF characters, it is possible to compose response headers using Unicode characters that decompose to these characters, bypassing the checks previously in place (CVE-2016-2216).

Affected Products

VendorProductVersionsPlatforms
Mageiax11-driver-video-intel2.99.917-14.2.mga5 (unaffected), 0 (affected)
Mageianodejs0 (affected), 0.10.42-1.mga5 (unaffected), 0 (affected), 0.10.42-1.mga5 (unaffected)

Browse GCVE Records

73,044 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›