Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-919DA0C7A50094962DC72151B0CEFEA1HistoryMay 24, 2022 - 12:00 a.m.
Uncontrolled Recursion
2022-05-2400:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
13
uncontrolled recursion
net/http
denial of service
panic
large header
readrequest
readresponse
server
transport
client
security vulnerability
EPSS
0.009
Percentile
82.3%
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.
References
github.com/advisories/GHSA-h86h-8ppg-mxmh
github.com/golang/go/issues/45710
go.dev/cl/313069
go.dev/issue/45710
go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9
groups.google.com/g/golang-announce/c/cu9SP4eSXMc
lists.fedoraproject.org/archives/list/[email protected]/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/
nvd.nist.gov/vuln/detail/CVE-2021-31525
pkg.go.dev/vuln/GO-2022-0236
security.gentoo.org/glsa/202208-02
Related
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-2551)
2021-09-28 00:00:00
Fedora: Security Advisory for golang (FEDORA-2021-ee3c072cd0)
2021-06-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2085-1)
2021-06-20 00:00:00
nessus
nessus
EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-2527)
2021-09-27 00:00:00
SUSE SLED15 / SLES15 Security Update : go1.15 (SUSE-SU-2021:2082-1)
2021-06-21 00:00:00
EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-2497)
2021-09-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package golang version 1.15.12-alt1
2021-05-11 00:00:00
Security fix for the ALT Linux 10 package golang version 1.16.4-alt1
2021-05-06 00:00:00
amazon
amazon
Medium: golang
2021-06-16 20:37:00
Medium: golang
2021-07-08 18:38:00
cbl_mariner
cbl_mariner
CVE-2021-31525 affecting package golang 1.15.11-1
2021-07-08 21:56:48
ibm
ibm
prion
prion
Code injection
2021-05-27 13:15:00
Design/Logic Flaw
2022-08-26 16:15:00
osv
osv
CVE-2021-31525
2021-05-27 13:15:08
Panic due to large headers in net/http and golang.org/x/net/http/httpguts
2022-07-15 23:04:18
CGA-32m8-fvv2-4hw3
2024-06-06 12:21:20
alpinelinux
alpinelinux
CVE-2021-31525
2021-05-27 13:15:08
cvelist
cvelist
CVE-2021-31525
2021-05-27 12:17:11
CVE-2021-3703
2022-08-26 15:25:40
nvd
nvd
CVE-2021-31525
2021-05-27 13:15:08
CVE-2021-3703
2022-08-26 16:15:09
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0276
2021-07-29 00:00:00
Important Photon OS Security Update - PHSA-2021-0046
2021-06-15 00:00:00
Moderate Photon OS Security Update - PHSA-2021-3.0-0276
2021-07-29 00:00:00
redhatcve
redhatcve
fedora
fedora
[SECURITY] Fedora 34 Update: golang-1.16.4-1.fc34
2021-06-22 01:01:50
[SECURITY] Fedora 33 Update: golang-1.15.12-1.fc33
2021-05-19 01:31:16
gitlab
gitlab
Uncontrolled Recursion
2022-05-24 00:00:00
github
github
golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion
2022-05-24 19:03:29
wolfi
wolfi
CVE-2021-31525 vulnerabilities
2024-09-28 21:12:41
suse
suse
Security update for go1.15 (moderate)
2021-06-24 00:00:00
cgr
cgr
CVE-2021-31525 vulnerabilities
2024-05-19 03:07:16
f5
f5
K55518036 : GO vulnerability CVE-2021-31525
2021-11-03 00:00:00
veracode
veracode
Stack Overflow
2021-05-09 02:20:52
freebsd
freebsd
debiancve
debiancve
CVE-2021-31525
2021-05-27 13:15:08
cve
cve
CVE-2021-31525
2021-05-27 13:15:08
CVE-2021-3703
2022-08-26 16:15:09
ubuntucve
ubuntucve
CVE-2021-31525
2021-05-27 00:00:00
redhat
redhat
rocky
rocky
go-toolset:rhel8 security, bug fix, and enhancement update
2021-08-10 12:00:58
almalinux
almalinux
Moderate: go-toolset:rhel8 security, bug fix, and enhancement update
2021-08-10 12:00:58
oraclelinux
oraclelinux
go-toolset:ol8 security, bug fix, and enhancement update
2021-08-12 00:00:00
mageia
mageia
Updated golang packages fix security vulnerabilities
2021-07-25 11:34:17
gentoo
gentoo
Go: Multiple Vulnerabilities
2022-08-04 00:00:00