Описание
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| golang-1.13 | fixed | 1.13.1-1 | package | |
| golang-1.12 | fixed | 1.12.10-1 | package | |
| golang-1.11 | removed | package | ||
| golang-1.8 | removed | package | ||
| golang-1.7 | removed | package | ||
| golang | removed | package | ||
| golang | ignored | jessie | package |
Примечания
https://groups.google.com/forum/m/#!topic/golang-announce/cszieYyuL9Q
https://golang.org/issue/34540
https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c (golang-1.13)
https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 (golang-1.12)
EPSS
Процентиль: 94%
0.15237
Средний
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 5 лет назад
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
CVSS3: 6.5
redhat
больше 5 лет назад
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
CVSS3: 7.5
nvd
больше 5 лет назад
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
github
около 3 лет назад
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
EPSS
Процентиль: 94%
0.15237
Средний