Lucene search
+L

122 matches found

OSV
OSV
added 2021/08/08 6:15 a.m.28 views

CVE-2021-36221

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...

5.9CVSS6.6AI score
Exploits0References12
Prion
Prion
added 2021/08/08 6:15 a.m.27 views

Race condition

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...

4.3CVSS6.4AI score0.03128EPSS
Exploits0References12Affected Software5
AlpineLinux
AlpineLinux
added 2021/08/08 12:0 a.m.54 views

CVE-2021-36221

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...

5.9CVSS7AI score0.03128EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/08/08 12:0 a.m.25 views

CVE-2021-36221

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...

5.9CVSS7AI score0.03128EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/08 12:0 a.m.28 views

CVE-2021-36221

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...

6.8AI score0.03128EPSS
Exploits0References12
NVD
NVD
added 2021/08/02 7:15 p.m.27 views

CVE-2021-33197

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

5.3CVSS0.02279EPSS
Exploits1References3
OSV
OSV
added 2021/08/02 7:15 p.m.21 views

CVE-2021-33197

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

5.3CVSS7.1AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/08/02 7:15 p.m.34 views

CVE-2021-33197

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

5.3CVSS6.8AI score0.02279EPSS
Exploits1References3
Prion
Prion
added 2021/08/02 7:15 p.m.22 views

Design/Logic Flaw

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

4.3CVSS6.2AI score0.02279EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinux
added 2021/08/02 6:54 p.m.39 views

CVE-2021-33197

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

5.3CVSS6.8AI score0.02279EPSS
Exploits1
CVE
CVE
added 2021/08/02 6:54 p.m.454 views

CVE-2021-33197

The CVE-2021-33197 entry concerns the Go standard library’s ReverseProxy (net/http/httputil). Affected Go versions: before 1.15.13 and 1.16.x before 1.16.5. The underlying issue is described as: certain ReverseProxy configurations can cause an attacker to drop arbitrary headers. Impact, per the p...

5.3CVSS6.4AI score0.02279EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/08/02 6:54 p.m.26 views

CVE-2021-33197

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

6.7AI score0.02279EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/08/02 6:54 p.m.39 views

CVE-2021-33197

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

5.3CVSS6.6AI score0.02279EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.44 views

SUSE SLED15 / SLES15 Security Update : go1.15 (SUSE-SU-2021:2214-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2214-1 advisory. Update to 1.15.13. Includes these security fixes - CVE-2021-33195: net: Lookup functions may return invalid host names...

7.5CVSS6.7AI score0.03464EPSS
Exploits4References14
Tenable Nessus
Tenable Nessus
added 2021/06/29 12:0 a.m.38 views

SUSE SLED15 / SLES15 Security Update : go1.16 (SUSE-SU-2021:2186-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2186-1 advisory. Update to 1.16.5. Includes these security fixes - CVE-2021-33195: net: Lookup functions may return invalid host names bsc1187443. -...

7.5CVSS6.7AI score0.03464EPSS
Exploits4References14
FreeBSD
FreeBSD
added 2021/06/21 12:0 a.m.35 views

go -- net/http: panic due to racy read of persistConn after handler panic

The Go project reports: A net/http/httputil ReverseProxy can panic due to a race condition if its Handler aborts with ErrAbortHandler, for example due to an error in copying the response body. An attacker might be able to force the conditions leading to the race condition...

5.9CVSS2AI score0.03128EPSS
Exploits0References1
Veracode
Veracode
added 2021/06/05 9:59 p.m.29 views

Denial Of Service (DoS)

go:edge is vulnerable to Denial Of Service DoS. The vulnerability exists through some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

5.3CVSS6.5AI score0.02279EPSS
Exploits1References4Affected Software23
Tenable Nessus
Tenable Nessus
added 2021/06/04 12:0 a.m.157 views

FreeBSD : go -- multiple vulnerabilities (079b3641-c4bd-11eb-a22a-693f0544ae52)

The Go project reports : The SetString and UnmarshalText methods of math/big.Rat may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents. ReverseProxy in net/http/httputil could be made to forward certain hop-by-hop headers, including Connection. In case the...

7.5CVSS7.2AI score0.03464EPSS
Exploits4References9
FreeBSD
FreeBSD
added 2021/05/01 12:0 a.m.53 views

go -- multiple vulnerabilities

The Go project reports: The SetString and UnmarshalText methods of math/big.Rat may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents. ReverseProxy in net/http/httputil could be made to forward certain hop-by-hop headers, including Connection. In case the...

0.1AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/12/22 12:0 a.m.38 views

RHEL 8 : Red Hat OpenShift Service Mesh 1.1.11 (RHSA-2020:5649)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5649 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

7.5CVSS7AI score0.0473EPSS
Exploits0References7
Rows per page
Query Builder