Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:37563
HistoryOct 14, 2022 - 11:52 a.m.

HTTP Request Smuggling

2022-10-1411:52:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
go
vulnerability
http request
smuggling
reverseproxy
remote attackers
query parameter

EPSS

0.002

Percentile

52.2%

Go is vulnerable to HTTP request smuggling. The vulnerability is due to a lack of sanitizations in the query parameter for ReverseProxy. Remote attackers can cause query parameter smuggling when a go proxy forwards a parameter with an unparseable value.