Download
| Alert*
oval:org.secpod.oval:def:503390
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: malformed hosts in URLs leads to authorization bypass For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related i ... oval:org.secpod.oval:def:66468 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: malformed hosts in URLs leads to authorization bypass For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related i ... oval:org.secpod.oval:def:2004942 net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname nor Port, and is related to a non-numeric port number. For example, an attack ... oval:org.secpod.oval:def:1700223 net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname nor Port, and is related to a non-numeric port number. For example, an attack ... oval:org.secpod.oval:def:1505313 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1601044 Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory ... oval:org.secpod.oval:def:117048 The Go Programming Language. oval:org.secpod.oval:def:117049 The Go Programming Language. oval:org.secpod.oval:def:604509 Three vulnerabilities have been discovered in the Go programming language; quot;net/urlquot; accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service. oval:org.secpod.oval:def:2105901 Oracle Solaris 11 - ( CVE-2017-15041 ) oval:org.secpod.oval:def:69743 Three vulnerabilities have been discovered in the Go programming language; net/url accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service. |