Lucene search
Veracode Vulnerability DatabaseVERACODE:4003HistoryApr 27, 2017 - 7:53 a.m.
HTTP Request Smuggling
2017-04-2707:53:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.014 Low
EPSS
Percentile
86.4%
net/http in github.com/golang/go is vulnerable to request smuggling. This can be done because it does not correctly comply with RFC 7230.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/golang/go | eq | 1.4.2 | |
| github.com/golang/go | eq | HEAD | |
| golang | eq | 1.4.2__9.el7 |
Related
cve
cve
CVE-2015-5740
2017-10-18 20:29:00
cvelist
cvelist
CVE-2015-5740
2017-10-18 20:00:00
nvd
nvd
CVE-2015-5740
2017-10-18 20:29:00
prion
prion
Design/Logic Flaw
2017-10-18 20:29:00
ubuntucve
ubuntucve
CVE-2015-5740
2017-10-18 00:00:00
nessus
nessus
openSUSE Security Update : go (openSUSE-2016-907)
2016-07-28 00:00:00
Fedora 22 : golang-1.4.2-3.fc22 (2015-13002)
2015-08-18 00:00:00
Fedora 21 : golang-1.4.2-3.fc21 (2015-12957)
2015-08-18 00:00:00
osv
osv
Request smuggling due to improper header parsing in net/http
2022-01-05 21:39:14
GO-2021-0157
2022-01-05 20:00:00
openvas
openvas
Fedora Update for golang FEDORA-2015-15618
2015-10-02 00:00:00
Fedora Update for golang FEDORA-2015-12957
2015-08-20 00:00:00
Fedora Update for golang FEDORA-2015-13002
2015-08-20 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: golang-1.4.2-3.fc22
2015-08-18 05:23:04
[SECURITY] Fedora 22 Update: golang-1.5.1-0.fc22
2015-10-01 18:59:26
[SECURITY] Fedora 21 Update: golang-1.4.2-3.fc21
2015-08-18 05:21:47
amazon
amazon
Medium: golang, docker
2015-08-24 22:29:00
freebsd
freebsd
go -- multiple vulnerabilities
2015-07-29 00:00:00
cloudfoundry
cloudfoundry
Golang 1.4.3 CVE Fixes | Cloud Foundry
2015-10-07 00:00:00
redhat
redhat
(RHSA-2016:1538) Moderate: golang security, bug fix, and enhancement update
2016-08-02 13:46:33
centos
centos
golang security update
2016-08-02 21:57:55
hackerone
hackerone
Internet Bug Bounty: Apache HTTP Request Parsing Whitespace Defects
2017-06-29 17:41:22
Internet Bug Bounty: Multiple HTTP Smuggling reports
2019-07-17 22:47:10