Lucene search
K

5 matches found

CVE
CVE
added 2017/10/18 8:0 p.m.89 views

CVE-2015-5740

The CVE affects the Go net/http implementation (net/http/transfer.go) in versions before 1.4.3. The root cause is improper parsing of HTTP headers, which enables HTTP request smuggling via a request containing two Content-Length headers. The impact described across connected sources is remote, wi...

9.8CVSS9AI score0.03657EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/28 12:0 a.m.29 views

openSUSE Security Update : go (openSUSE-2016-907)

This update for go fixes the following issues : - CVE-2015-5739: 'Content Length' treated as valid header - CVE-2015-5740: Double content-length headers does not return 400 error - CVE-2015-5741: Additional hardening, not sending Content-Length w/Transfer-Encoding, Closing connections Go was...

9.8CVSS6.8AI score0.09625EPSS
Exploits0References4
Cloud Foundry
Cloud Foundry
added 2015/10/07 12:0 a.m.51 views

Golang 1.4.3 CVE Fixes | Cloud Foundry

Golang 1.4.3 CVE Fixes Low Vendor Google Versions Affected Golang v1.4.2 and lower Description Several security issues were fixed in Go’s net / http package. The CVE issue descriptions and fixes are linked below: CVE-2015-5739 – ‘Content Length’ treated as valid header:...

9.8CVSS9.1AI score0.09625EPSS
Exploits0
Amazon
Amazon
added 2015/08/24 12:0 a.m.41 views

Medium: golang, docker

Issue Overview: As discussed upstream -- http://seclists.org/oss-sec/2015/q3/294 and http://seclists.org/oss-sec/2015/q3/237 -- the Go project received notification of an HTTP request smuggling vulnerability in the net/http library. Invalid headers are parsed as valid headers like "Content Length...

9.8CVSS9.6AI score0.09625EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/08/18 12:0 a.m.39 views

Fedora 22 : golang-1.4.2-3.fc22 (2015-13002)

security fixes for net/http smuggling Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

9.8CVSS7.2AI score0.09625EPSS
Exploits0References5
Rows per page
Query Builder