7 matches found
BIT-GOLANG-2021-36221
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-1254)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler...
Updated golang packages fix security vulnerability
The updated golang packages fix a security vulnerability: Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort CVE-2021-36221...
SUSE SLED15 / SLES15 Security Update : go1.15 (SUSE-SU-2021:2787-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2787-1 advisory. - Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an...
CVE-2021-36221
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...
CVE-2021-36221
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...
go -- net/http: panic due to racy read of persistConn after handler panic
The Go project reports: A net/http/httputil ReverseProxy can panic due to a race condition if its Handler aborts with ErrAbortHandler, for example due to an error in copying the response body. An attacker might be able to force the conditions leading to the race condition...