Количество 16
Количество 16
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
CVE-2024-45336
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain ...
GHSA-7wrw-r4p8-38rx
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
BDU:2025-02667
Уязвимость языка программирования Golang, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к учетным данным
SUSE-SU-2025:0281-1
Security update for go1.22
SUSE-SU-2025:0280-1
Security update for go1.23
ROS-20250212-16
Множественные уязвимости golang
ELSA-2025-3772
ELSA-2025-3772: go-toolset:ol8 security update (MODERATE)
SUSE-SU-2025:1555-1
Security update for go1.22-openssl
SUSE-SU-2025:0285-1
Security update for go1.24
SUSE-SU-2025:01731-1
Security update for go1.23-openssl
SUSE-SU-2025:0429-1
Security update for govulncheck-vulndb
SUSE-SU-2025:0297-1
Security update for govulncheck-vulndb
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
 | CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 5.9 | 0% Низкий | 5 месяцев назад |
 | CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
 | CVSS3: 6.1 | 0% Низкий | 4 месяца назад | |
| CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain ... | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
| GHSA-7wrw-r4p8-38rx The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
 | BDU:2025-02667 Уязвимость языка программирования Golang, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к учетным данным | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
 | SUSE-SU-2025:0281-1 Security update for go1.22 | 5 месяцев назад | ||
| SUSE-SU-2025:0280-1 Security update for go1.23 | 5 месяцев назад | ||
 | ROS-20250212-16 Множественные уязвимости golang | CVSS3: 6.1 | 4 месяца назад | |
| ELSA-2025-3772 ELSA-2025-3772: go-toolset:ol8 security update (MODERATE) | 2 месяца назад | ||
| SUSE-SU-2025:1555-1 Security update for go1.22-openssl | около 1 месяца назад | ||
| SUSE-SU-2025:0285-1 Security update for go1.24 | 5 месяцев назад | ||
| SUSE-SU-2025:01731-1 Security update for go1.23-openssl | 24 дня назад | ||
| SUSE-SU-2025:0429-1 Security update for govulncheck-vulndb | 4 месяца назад | ||
| SUSE-SU-2025:0297-1 Security update for govulncheck-vulndb | 5 месяцев назад |
Уязвимостей на страницу