Количество 30
Количество 30
CVE-2024-45336
Sensitive headers incorrectly sent after cross-domain redirect in net/http
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain ...
SUSE-SU-2025:0429-1
Security update for govulncheck-vulndb
GHSA-3f6r-qh9c-x6mm
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.
BDU:2025-03335
Уязвимость языка программирования Golang, связанная с неправильной проверкой входных данных, позволяющая нарушителю обойти внедренные ограничения безопасности
GHSA-7wrw-r4p8-38rx
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
BDU:2025-02667
Уязвимость языка программирования Golang, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к учетным данным
SUSE-SU-2025:0297-1
Security update for govulncheck-vulndb
RLSA-2025:7592
Important: yggdrasil security update
ELSA-2025-7592
ELSA-2025-7592: yggdrasil security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-45336 Sensitive headers incorrectly sent after cross-domain redirect in net/http | CVSS3: 6.1 | 0% Низкий | 12 месяцев назад |
| CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain ... | CVSS3: 6.1 | 0% Низкий | около 1 года назад |
 | SUSE-SU-2025:0429-1 Security update for govulncheck-vulndb | 12 месяцев назад | ||
| GHSA-3f6r-qh9c-x6mm A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs. | CVSS3: 6.1 | 0% Низкий | около 1 года назад |
 | BDU:2025-03335 Уязвимость языка программирования Golang, связанная с неправильной проверкой входных данных, позволяющая нарушителю обойти внедренные ограничения безопасности | CVSS3: 6.1 | 0% Низкий | около 1 года назад |
| GHSA-7wrw-r4p8-38rx The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 6.1 | 0% Низкий | около 1 года назад |
| BDU:2025-02667 Уязвимость языка программирования Golang, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к учетным данным | CVSS3: 6.1 | 0% Низкий | около 1 года назад |
| SUSE-SU-2025:0297-1 Security update for govulncheck-vulndb | около 1 года назад | ||
 | RLSA-2025:7592 Important: yggdrasil security update | 4 месяца назад | ||
| ELSA-2025-7592 ELSA-2025-7592: yggdrasil security update (IMPORTANT) | 7 месяцев назад |
Уязвимостей на страницу