Описание
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Builds for Red Hat OpenShift | openshift-builds-triggers-container | Will not fix | ||
| cert-manager Operator for Red Hat OpenShift | cert-manager/jetstack-cert-manager-rhel9 | Not affected | ||
| Migration Toolkit for Applications 6 | mta/mta-hub-rhel9 | Will not fix | ||
| Migration Toolkit for Applications 7 | mta/mta-hub-rhel9 | Not affected | ||
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-api-rhel9 | Affected | ||
| Multicluster Engine for Kubernetes | multicluster-engine/hive-rhel8 | Will not fix | ||
| OpenShift Developer Tools and Services | helm | Affected | ||
| OpenShift Pipelines | openshift-pipelines-client | Affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/thanos-rhel9 | Not affected | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-main-rhel8 | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
When following an HTTP redirect to a domain which is not a subdomain m ...
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
EPSS
5.3 Medium
CVSS3