3 matches found
net/http: Request smuggling due to acceptance of invalid chunked data in net/http
A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...
Insertion of Sensitive Information Into Sent Data
Overview std/net/http is a Go standard library package std/net/http Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data. Go Vulnerability Report: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially...
The vulnerability in the implementation of Net::FTP commands in the Ruby programming language allows attackers to execute arbitrary commands.
The vulnerability of Net::FTP commands in the Ruby programming language is related to an input filtering error. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands when opening local files using Net::FTPget, Net::FTPgetbinaryfile, Net::FTPgettextfile, Net::FTPput,...