Lucene search
K

179 matches found

OSV
OSV
added 2024/08/16 11:8 a.m.4 views

OESA-2024-1978 golang security update

. Security Fixes: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

7.5CVSS6.7AI score0.01414EPSS
Exploits0References2
OSV
OSV
added 2024/08/09 11:8 a.m.5 views

OESA-2024-1952 golang security update

. Security Fixes: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

7.5CVSS6.7AI score0.01414EPSS
Exploits0References2
Amazon
Amazon
added 2024/07/22 12:0 a.m.4 views

Medium: golang

Issue Overview: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

7.5CVSS6.8AI score0.01414EPSS
Exploits0
Amazon
Amazon
added 2024/07/22 12:0 a.m.5 views

Medium: golang

Issue Overview: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

7.5CVSS6.8AI score0.01414EPSS
Exploits0
Amazon
Amazon
added 2024/07/22 12:0 a.m.4 views

Medium: golang

Issue Overview: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

7.5CVSS7.2AI score0.01414EPSS
Exploits0
OSV
OSV
added 2024/07/04 7:19 a.m.11 views

BIT-GOLANG-2024-24791 Denial of service due to improper 100-continue handling in net/http

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.8AI score0.01414EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2024/07/03 3:38 a.m.3 views

SUSE CVE-2024-24791

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

6.5CVSS7.1AI score0.01414EPSS
Exploits0References22
OSV
OSV
added 2024/07/02 10:15 p.m.2 views

DEBIAN-CVE-2024-24791

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.2AI score0.01414EPSS
Exploits0References1
OSV
OSV
added 2024/07/02 10:15 p.m.7 views

AZL-78960 CVE-2024-24791 affecting package golang 1.25.7-1

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.7AI score0.01414EPSS
Exploits0References1
OSV
OSV
added 2024/07/02 10:15 p.m.7 views

AZL-43068 CVE-2024-24791 affecting package golang for versions less than 1.22.5-1

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.7AI score0.01414EPSS
Exploits0References1
OSV
OSV
added 2024/07/02 10:15 p.m.2 views

UBUNTU-CVE-2024-24791

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.8AI score0.01414EPSS
Exploits0References9
Snyk
Snyk
added 2024/07/02 8:11 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview std/net/http is a Go standard library package std/net/http Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an...

8.7CVSS7.3AI score0.01414EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.4 views

Google Golang Security Vulnerability

Google Golang is a static strongly typed, compiled language from Google.Go's syntax is close to that of C, but differs with respect to variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages that...

7.5CVSS9AI score0.01414EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2024/02/15 7:57 p.m.614 views

Exploit for Improper Input Validation in Microsoft

CVE-2024-21413 - Expect Script POC Microsoft Outlook Leak cre...

9.8CVSS10AI score0.9466EPSS
Exploits30
GithubExploit
GithubExploit
added 2024/01/29 5:8 p.m.507 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2023-35636 Microsoft Outlook Information Disclosure Vulner...

6.5CVSS6.8AI score0.17559EPSS
Exploits1
GithubExploit
GithubExploit
added 2023/12/26 5:2 p.m.515 views

Exploit for Insufficient Verification of Data Authenticity in Postfix

CVE-2023-51764 Postfix SMTP Smuggling - Expect Script POC sen...

5.3CVSS5.2AI score0.02598EPSS
Exploits4
0day.today
0day.today
added 2023/03/31 12:0 a.m.159 views

ASKEY RTF3505VW-N1 - Privilege Escalation Exploit

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/31 12:0 a.m.189 views

ASKEY RTF3505VW-N1 - Privilege Escalation

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

7.4AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:58 p.m.68 views

K6669: Apache HTTP Expect header handling

Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...

4.3CVSS7.2AI score0.94281EPSS
Exploits7
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.8 views

SUSE CVE-2006-3918

httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...

4.3CVSS6AI score0.94281EPSS
Exploits7References8
Rows per page
Query Builder