Описание
The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a "garbage in, garbage out" design.
EPSS
Процентиль: 35%
0.00142
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 7.2
github
больше 1 года назад
req may send an unintended request when a malformed URL is provided
EPSS
Процентиль: 35%
0.00142
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-20