3 matches found
golang: net/http/httputil: panic due to racy read of persistConn after handler panic
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...
Moderate: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.5.4 security update
The Migration Toolkit for Containers MTC 1.5.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
go -- net/http: panic due to racy read of persistConn after handler panic
The Go project reports: A net/http/httputil ReverseProxy can panic due to a race condition if its Handler aborts with ErrAbortHandler, for example due to an error in copying the response body. An attacker might be able to force the conditions leading to the race condition...