Количество 15
Количество 15
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
CVE-2025-58186
Lack of limit when parsing cookies can cause memory exhaustion in net/http
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cook ...
GHSA-rjcg-56ph-3qvg
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
BDU:2025-14529
Уязвимость компонента net/http языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:3682-1
Security update for go1.24
SUSE-SU-2025:03547-1
Security update for go1.25
openSUSE-SU-2025:20158-1
Security update for go1.24
openSUSE-SU-2025:20157-1
Security update for go1.25
SUSE-SU-2026:0308-1
Security update for go1.24-openssl
SUSE-SU-2026:0296-1
Security update for go1.24-openssl
ROS-20251029-07
Множественные уязвимости golang
SUSE-SU-2026:0298-1
Security update for go1.25-openssl
SUSE-SU-2026:0297-1
Security update for go1.25-openssl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-58186 Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-58186 Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http | 0% Низкий | 2 месяца назад | |
| CVE-2025-58186 Despite HTTP headers having a default limit of 1MB, the number of cook ... | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| GHSA-rjcg-56ph-3qvg Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | BDU:2025-14529 Уязвимость компонента net/http языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | SUSE-SU-2025:3682-1 Security update for go1.24 | 4 месяца назад | ||
| SUSE-SU-2025:03547-1 Security update for go1.25 | 4 месяца назад | ||
| openSUSE-SU-2025:20158-1 Security update for go1.24 | 2 месяца назад | ||
| openSUSE-SU-2025:20157-1 Security update for go1.25 | 2 месяца назад | ||
| SUSE-SU-2026:0308-1 Security update for go1.24-openssl | 13 дней назад | ||
| SUSE-SU-2026:0296-1 Security update for go1.24-openssl | 15 дней назад | ||
 | ROS-20251029-07 Множественные уязвимости golang | CVSS3: 8.2 | 3 месяца назад | |
| SUSE-SU-2026:0298-1 Security update for go1.25-openssl | 15 дней назад | ||
| SUSE-SU-2026:0297-1 Security update for go1.25-openssl | 15 дней назад |
Уязвимостей на страницу