Описание
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Ссылки
- Vendor Advisory
- Issue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- Issue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.3.8 (исключая)
cpe:2.3:a:golang:text:*:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00054
Низкий
7.5 High
CVSS3
Дефекты
CWE-772
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 3 лет назад
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
CVSS3: 7.5
redhat
больше 3 лет назад
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
CVSS3: 7.5
debian
больше 3 лет назад
An attacker may cause a denial of service by crafting an Accept-Langua ...
CVSS3: 7.5
github
больше 3 лет назад
golang.org/x/text/language Denial of service via crafted Accept-Language header
EPSS
Процентиль: 17%
0.00054
Низкий
7.5 High
CVSS3
Дефекты
CWE-772