go: multiple vulnerabilities (CVE-2020-14039, CVE-2020-15586)ID: oval:org.secpod.oval:def:1801862 | Date: (C)2021-03-15 (M)2023-11-10 |
Class: PATCH | Family: unix |
Data race in certain net/http servers including ReverseProxy Servers where the Handler concurrently reads the request body and writes a response can encounter a data race and crash. The httputil.ReverseProxy Handler is affected. X.509 verification ignores provided EKUs on Windows. On Windows, if VerifyOptions.Roots is nil, Certificate.Verify does not check the EKU requirements specified in VerifyOptions.KeyUsages.
Platform: |
Alpine Linux 3.12 |
Alpine Linux 3.13 |