Aug 26, 2024 - 12:00 a.m.

ROS-20240826-20

2024-08-26 00:00:00
redos.red-soft.ru
3
golang
zip files
http/2 protocol
net-netip component
vulnerability
incorrect processing
denial of service
remote exploitation

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 8.3
Confidence: High

A vulnerability in the archive/zip package of the Go programming language is related to incorrect processing of zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file.

A vulnerability in the net/http and net/http2 libraries of the Go programming language (in the part implementing the HTTP/2 protocol) is related to uncontrolled resource consumption due to incorrect detection of header termination when processing CONTINUATION frames. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service.

A vulnerability in the net/netip component of the Go programming language is related to incorrect operation of the Is methods (IsPrivate, IsLoopback, etc.). Exploitation of the vulnerability may allow an intruder to bypass the existing access restriction policy.

A vulnerability in the net/netip component of the Go programming language is related to incorrect handling of cases where the server responds to a request carrying an "Expect: 100-continue" header with a non-informational status. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

OS     OS Version  Architecture  Package  Package Version  Filename
redos  7.3         x86_64        stolon   < 0.17.0-3       UNKNOWN
