Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-9741

Опубликовано: 13 мар. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3
CVSS3: 6.1

Описание

An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

DNE

esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needed

esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

ignored

end of life
eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

not-affected

1.12-1ubuntu1
eoan

not-affected

1.12.5-1ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

needed

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

needed

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-9741

CVSS3: 5.3
redhat
почти 7 лет назад

An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.

nvd логотип

CVE-2019-9741

CVSS3: 6.1
nvd
почти 7 лет назад

An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.

msrc логотип

CVE-2019-9741

CVSS3: 6.1
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2019-9741

CVSS3: 6.1
debian
почти 7 лет назад

An issue was discovered in net/http in Go 1.11.5. CRLF injection is po ...

github логотип

GHSA-46v6-2c7g-7hfg

CVSS3: 6.1
github
больше 3 лет назад

An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Уязвимость CVE-2019-9741