3 matches found
golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...
golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...
SUSE-SU-2022:1477-1 Security update for python-Twisted
This update for python-Twisted fixes the following issues: - CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. bsc1198086...