Количество 28
Количество 28
SUSE-SU-2025:0281-1
Security update for go1.22
SUSE-SU-2025:0280-1
Security update for go1.23
ROS-20250212-16
Множественные уязвимости golang
ELSA-2025-3772
ELSA-2025-3772: go-toolset:ol8 security update (MODERATE)
SUSE-SU-2025:1555-1
Security update for go1.22-openssl
RLSA-2025:7466
Moderate: delve and golang security update
ELSA-2025-7466
ELSA-2025-7466: delve and golang security update (MODERATE)
SUSE-SU-2025:0285-1
Security update for go1.24
SUSE-SU-2025:01731-1
Security update for go1.23-openssl
SUSE-SU-2025:03159-1
Security update for go1.23-openssl
CVE-2024-45341
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.
CVE-2024-45341
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.
CVE-2024-45341
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.
CVE-2024-45341
Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509
CVE-2024-45341
A certificate with a URI which has a IPv6 address with a zone ID may i ...
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
CVE-2024-45336
Sensitive headers incorrectly sent after cross-domain redirect in net/http
CVE-2024-45336
The HTTP client drops sensitive headers after following a cross-domain ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2025:0281-1 Security update for go1.22 | 9 месяцев назад | ||
| SUSE-SU-2025:0280-1 Security update for go1.23 | 9 месяцев назад | ||
 | ROS-20250212-16 Множественные уязвимости golang | CVSS3: 6.1 | 9 месяцев назад | |
| ELSA-2025-3772 ELSA-2025-3772: go-toolset:ol8 security update (MODERATE) | 7 месяцев назад | ||
| SUSE-SU-2025:1555-1 Security update for go1.22-openssl | 6 месяцев назад | ||
 | RLSA-2025:7466 Moderate: delve and golang security update | около 1 месяца назад | ||
| ELSA-2025-7466 ELSA-2025-7466: delve and golang security update (MODERATE) | 4 месяца назад | ||
| SUSE-SU-2025:0285-1 Security update for go1.24 | 9 месяцев назад | ||
| SUSE-SU-2025:01731-1 Security update for go1.23-openssl | 5 месяцев назад | ||
| SUSE-SU-2025:03159-1 Security update for go1.23-openssl | около 2 месяцев назад | ||
 | CVE-2024-45341 A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs. | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
 | CVE-2024-45341 A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs. | CVSS3: 4.2 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-45341 A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs. | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
 | CVE-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509 | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| CVE-2024-45341 A certificate with a URI which has a IPv6 address with a zone ID may i ... | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
| CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| CVE-2024-45336 Sensitive headers incorrectly sent after cross-domain redirect in net/http | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain ... | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу