Lucene search
Redhat.comRH:CVE-2019-16276HistorySep 26, 2019 - 2:21 p.m.
CVE-2019-16276
2019-09-2614:21:04
redhat.com
access.redhat.com
10
0.01 Low
EPSS
Percentile
83.4%
It was discovered that net/http (through net/textproto) in golang does not correctly interpret HTTP requests where an HTTP header contains spaces before the colon. This could be abused by an attacker to smuggle HTTP requests when a proxy or a firewall is placed behind a server implemented in Go or to filter bypasses depending on the specific network configuration.
Related
nessus
nessus
Fedora 30 : golang (2019-416d20f960)
2019-10-10 00:00:00
Amazon Linux 2 : golang (ALAS-2020-1383)
2020-01-21 00:00:00
Fedora 31 : golang (2019-1b8cbd39ff)
2019-10-08 00:00:00
amazon
amazon
checkpoint_advisories
checkpoint_advisories
Kubernetes Go Server Authentication Bypass (CVE-2019-16276)
2019-10-22 00:00:00
osv
osv
CVE-2019-16276
2019-09-30 19:15:08
golang-1.11 - security update
2019-09-27 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DSA 4534-1] golang-1.11 security update
2019-09-27 20:36:57
[SECURITY] [DLA 2592-1] golang-1.8 security update
2021-03-13 18:37:54
[SECURITY] [DLA 2591-1] golang-1.7 security update
2021-03-13 18:37:17
veracode
veracode
HTTP Request Smuggling
2019-09-27 03:44:16
cve
cve
CVE-2019-16276
2019-09-30 19:15:08
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.12.10-alt1
2019-10-10 00:00:00
alpinelinux
alpinelinux
CVE-2019-16276
2019-09-30 19:15:08
openvas
openvas
Debian: Security Advisory (DSA-4534-1)
2019-09-30 00:00:00
Fedora Update for golang FEDORA-2019-1b8cbd39ff
2020-01-09 00:00:00
openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2522-1)
2020-01-09 00:00:00
prion
prion
Design/Logic Flaw
2019-09-30 19:15:00
fedora
fedora
[SECURITY] Fedora 31 Update: golang-1.13.1-1.fc31
2019-10-08 00:29:14
[SECURITY] Fedora 30 Update: golang-1.12.10-1.fc30
2019-10-09 16:54:30
[SECURITY] Fedora 30 Update: golang-1.12.13-1.fc30
2019-11-12 02:09:13
nvd
nvd
CVE-2019-16276
2019-09-30 19:15:08
cvelist
cvelist
CVE-2019-16276
2019-09-30 18:40:12
debiancve
debiancve
CVE-2019-16276
2019-09-30 19:15:08
symantec
symantec
Golang Go CVE-2019-16276 HTTP Request Smuggling Vulnerability
2019-09-26 00:00:00
freebsd
freebsd
go -- invalid headers are normalized, allowing request smuggling
2019-09-25 00:00:00
redhat
redhat
(RHSA-2020:0652) Moderate: OpenShift Container Platform 4.2.21 openshift/installer security update
2020-03-05 20:08:21
(RHSA-2020:0101) Moderate: go-toolset-1.12-golang security update
2020-01-14 08:24:12
(RHSA-2020:0329) Moderate: go-toolset:rhel8 security update
2020-02-04 08:35:13
ubuntucve
ubuntucve
CVE-2019-16276
2019-09-30 00:00:00
threatpost
threatpost
ThreatList: One-Third of Firms Say Their Container Security Lags
2018-11-23 13:00:48
Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS
2019-10-17 14:25:39
Public Bug Bounty Takes Aim at Kubernetes Container Project
2020-01-14 17:00:28
oraclelinux
oraclelinux
go-toolset:ol8 security update
2020-02-17 00:00:00
olcne kubernetes security update
2020-04-17 00:00:00
kubernetes security update
2020-01-31 00:00:00
suse
suse
Security update for go1.12 (moderate)
2019-11-17 00:00:00
Security update for go1.12 (moderate)
2019-11-17 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0037
2019-11-01 00:00:00
Important Photon OS Security Update - PHSA-2019-3.0-0037
2019-10-31 00:00:00
Important Photon OS Security Update - PHSA-2020-0200
2020-01-14 00:00:00