26 matches found
Unity Linux 20.1070e Security Update: undertow (UTSA-2026-016715)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016715 advisory. A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the Expect: 100-continue header may cause an out of memory error...
MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8861:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8861:01 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...
EUVD-2021-0822
Malware in sbrugna...
EulerOS 2.0 SP12 : golang (EulerOS-SA-2024-2927)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an 'Expect: 100-continue' header with a non-information...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2906)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: container-tools:rhel8 security update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
Updated golang packages fix security vulnerability
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.22 (SUSE-SU-2024:2309-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2309-1 advisory. Updated to version 1.22.5 bsc1218424: - CVE-2024-24791: Fixed a potential denial of service due to improp...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.21 (SUSE-SU-2024:2308-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2308-1 advisory. Updated to version 1.21.12 bsc1212475: - CVE-2024-24791: Fixed a potential denial of service due to...
SUSE-SU-2024:2308-1 Security update for go1.21
This update for go1.21 fixes the following issues: Updated to version 1.21.12 bsc1212475: - CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue headers bsc1227314...
BIT-GOLANG-2024-24791 Denial of service due to improper 100-continue handling in net/http
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...
SUSE SLES12 Security Update : go1.22 (SUSE-SU-2024:2295-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2295-1 advisory. Updated to version 1.22.5 bsc1218424: - CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue...
SUSE SLES12 Security Update : go1.21 (SUSE-SU-2024:2294-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2294-1 advisory. Updated to version 1.21.12 bsc1212475: - CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue...
FreeBSD : go -- net/http: denial of service due to improper 100-continue handling (b0374722-3912-11ef-a77e-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0374722-3912-11ef-a77e-901b0e9408dc advisory. The Go project reports: net/http: denial of service due to improper 100-continue handling The net/http...
CVE-2024-24791 Denial of service due to improper 100-continue handling in net/http
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...
CVE-2024-24791
CVE-2024-24791 concerns the Go net/http client. The issue arises when a server responds with an "Expect: 100-continue" header using a non-informational status (200+). The client can be left in an invalid state, causing subsequent requests on the same connection to fail. It can be exploited via a ...
CVE-2024-24791 Denial of service due to improper 100-continue handling in net/http
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...
GO-2024-2963 Denial of service due to improper 100-continue handling in net/http
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...