github.com/golang/go is vulnerable to authorization bypass. The vulnerability exists as URL.Parse incorrectly parses host
and port
when given malformed URLs.
lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
github.com/golang/go/commit/3226f2d492963d361af9dfc6714ef141ba606713
github.com/golang/go/commit/c1d9ca70995dc232a2145e3214f94e03409f6fcc
github.com/golang/go/issues/29098
github.com/golang/go/issues/33632
github.com/golang/go/issues/33633
groups.google.com/forum/#!topic/golang-announce/0uuMm1BwpHE
groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg
seclists.org/bugtraq/2019/Aug/31
www.debian.org/security/2019/dsa-4503