net/http: Denial of service due to improper 100-continue handling in net/http

A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service...

Moderate: Red Hat Security Advisory: toolbox security update

An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

net/http: Denial of service due to improper 100-continue handling in net/http

A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service...

Moderate: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip:...

ALSA-2024:9098 Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: containers/image: digest type does not guarantee valid type CVE-2024-3727 golang: net: malformed DNS message can cause infinite...

ALSA-2024:9115 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip:...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2906)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3938-1 Security update for go1.22-openssl

This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 jscSLE-18320 - Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 229 - go1.22.7 released 2024-09-05 includes...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.68 security update

Red Hat OpenShift Container Platform release 4.12.68 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.53 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

SUSE-SU-2024:3772-1 Security update for go1.22-openssl

This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 jscSLE-18320 - Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 229 - go1.22.7 released 2024-09-05 includes...

grafana security update

An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...

RLSA-2024:7349 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 For more details about the security issues, including the impact, a CVSS score...

RockyLinux 8 : grafana (RLSA-2024:7349)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:7349 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 Tenable has extracted the preceding description block directly from t...

ROS-20241024-01

A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

USN-7081-1 golang-1.22 vulnerabilities

It was discovered that the Go net/http module did not properly handle responses to requests with an "Expect: 100-continue" header under certain circumstances. An attacker could possibly use this issue to cause a denial of service. CVE-2024-24791 It was discovered that the Go parser module did not...

Ubuntu: Security Advisory (USN-7081-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Go vulnerabilities (USN-7081-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7081-1 advisory. It was discovered that the Go net/http module did not properly handle responses to requests with an Expect: 100-continue header...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:8038)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8038 advisory. golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 go/parser: golang: Calling...