1115 matches found
openSUSE: Security Advisory for go1.13 (openSUSE-SU-2020:1087-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for go1.13 (important)
openSUSE Security Update: Security update for go1.13 Announcement ID: openSUSE-SU-2020:1095-1 Rating: important References: 1149259 1169832 1172868 1174153 1174191 Cross-References: CVE-2020-14039 CVE-2020-15586 Affected Products: openSUSE Leap 15.2 An update that solves two vulnerabilities and h...
OPENSUSE-SU-2020:1087-1 Security update for go1.13
This update for go1.13 fixes the following issues: - go1.13.14 released 2020/07/16 includes fixes to the compiler, vet, and the database/sql, net/http, and reflect packages Refs bsc1149259 go1.13 release tracking go39925 net/http: panic on misformed If-None-Match Header with http.ServeContent...
Security update for go1.13 (important)
openSUSE Security Update: Security update for go1.13 Announcement ID: openSUSE-SU-2020:1087-1 Rating: important References: 1149259 1169832 1172868 1174153 1174191 Cross-References: CVE-2020-14039 CVE-2020-15586 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and h...
CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
AZL-38206 CVE-2020-15586 affecting package python-tensorboard for versions less than 2.16.2-1
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
AZL-79042 CVE-2020-15586 affecting package golang 1.25.7-1
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
DEBIAN-CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
UBUNTU-CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
CVE-2020-15586
CVE-2020-15586 affects Go before 1.13.13 and 1.14.x before 1.14.5, via a data race in certain net/http servers demonstrated by the httputil.ReverseProxy handler. The race occurs because a request body is read while a response is being written. Impact in the public documentation includes a potenti...
CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
PT-2020-14513
Name of the Vulnerable Software and Affected Versions Go versions 1.13.x through 1.13.12 Go versions 1.14.x through 1.14.4 Description The issue is related to a data race in some net/http servers. This occurs when the server concurrently reads a request body and writes a response, as demonstrated...
AZL-78996 CVE-2015-5741 affecting package golang 1.25.7-1
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields...
CVE-2015-5741
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields...
Design/Logic Flaw
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields...
CVE-2015-5741
CVE-2015-5741 : The Go net/http implementation (net/http/transfer.go) before 1.4.3 fails to correctly parse HTTP headers, enabling remote attackers to perform HTTP request smuggling via requests containing both Content-Length and Transfer-Encoding. This is documented across multiple sources in th...