Количество 11
Количество 11
BDU:2025-14529
Уязвимость компонента net/http языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
CVE-2025-58186
Lack of limit when parsing cookies can cause memory exhaustion in net/http
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cook ...
ROS-20251029-07
Множественные уязвимости golang
GHSA-rjcg-56ph-3qvg
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
SUSE-SU-2025:3682-1
Security update for go1.24
SUSE-SU-2025:03547-1
Security update for go1.25
openSUSE-SU-2025:20158-1
Security update for go1.24
openSUSE-SU-2025:20157-1
Security update for go1.25
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-14529 Уязвимость компонента net/http языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-58186 Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-58186 Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http | 0% Низкий | около 1 месяца назад | |
| CVE-2025-58186 Despite HTTP headers having a default limit of 1MB, the number of cook ... | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | ROS-20251029-07 Множественные уязвимости golang | CVSS3: 8.2 | 3 месяца назад | |
| GHSA-rjcg-56ph-3qvg Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | SUSE-SU-2025:3682-1 Security update for go1.24 | 3 месяца назад | ||
| SUSE-SU-2025:03547-1 Security update for go1.25 | 3 месяца назад | ||
| openSUSE-SU-2025:20158-1 Security update for go1.24 | около 1 месяца назад | ||
| openSUSE-SU-2025:20157-1 Security update for go1.25 | около 1 месяца назад |
Уязвимостей на страницу