Lucene search
MitreCVELIST:CVE-2015-5741HistoryFeb 08, 2020 - 6:02 p.m.
CVE-2015-5741
2020-02-0818:02:57
mitre
www.cve.org
1
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.
References
lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html
lists.fedoraproject.org/pipermail/package-announce/2015-October/168029.html
seclists.org/oss-sec/2015/q3/237
seclists.org/oss-sec/2015/q3/292
seclists.org/oss-sec/2015/q3/294
bugzilla.redhat.com/show_bug.cgi?id=1250352
github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
Related
cve
cve
CVE-2015-5741
2020-02-08 19:15:10
nvd
nvd
CVE-2015-5741
2020-02-08 19:15:10
veracode
veracode
Request Smuggling
2017-05-02 07:41:09
ubuntucve
ubuntucve
CVE-2015-5741
2020-02-08 00:00:00
prion
prion
Design/Logic Flaw
2020-02-08 19:15:00
nessus
nessus
Fedora 21 : golang-1.4.2-3.fc21 (2015-12957)
2015-08-18 00:00:00
Fedora 22 : golang-1.5.1-0.fc22 (2015-15619)
2015-10-02 00:00:00
Amazon Linux AMI : golang / docker (ALAS-2015-588)
2015-08-26 00:00:00
openvas
openvas
Fedora Update for golang FEDORA-2015-15618
2015-10-02 00:00:00
Fedora Update for golang FEDORA-2015-12957
2015-08-20 00:00:00
Fedora Update for golang FEDORA-2015-13002
2015-08-20 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: golang-1.4.2-3.fc22
2015-08-18 05:23:04
[SECURITY] Fedora 22 Update: golang-1.5.1-0.fc22
2015-10-01 18:59:26
[SECURITY] Fedora 21 Update: golang-1.4.2-3.fc21
2015-08-18 05:21:47
amazon
amazon
Medium: golang, docker
2015-08-24 22:29:00
freebsd
freebsd
go -- multiple vulnerabilities
2015-07-29 00:00:00
cloudfoundry
cloudfoundry
Golang 1.4.3 CVE Fixes | Cloud Foundry
2015-10-07 00:00:00
osv
osv
Request smuggling due to improper header parsing in net/http
2022-01-05 21:39:14
GO-2021-0157
2022-01-05 20:00:00
redhat
redhat
(RHSA-2016:1538) Moderate: golang security, bug fix, and enhancement update
2016-08-02 13:46:33
centos
centos
golang security update
2016-08-02 21:57:55