all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6038-1: Go vulnerabilities

Add to bookmarks
April 25, 2023, 10:23 a.m. |

Ubuntu security notices ubuntu.com

It was discovered that the Go net/http module incorrectly handled
Transfer-Encoding headers in the HTTP/1 client. A remote attacker could
possibly use this issue to perform an HTTP Request Smuggling attack.
(CVE-2022-1705)

It was discovered that Go did not properly manage memory under certain
circumstances. An attacker could possibly use this issue to cause a panic
resulting into a denial of service. (CVE-2022-1962, CVE-2022-27664,
CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632,
CVE-2022-30633, CVE-2022-30635, CVE-2022-32189, CVE-2022-41715,
CVE-2022-41717, CVE-2023-24534, CVE-2023-24537)

It was discovered that Go …

attack client cve denial of service encoding headers http http request smuggling issue manage memory panic reader request request smuggling service size smuggling under usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6757-2: PHP vulnerabilities 1 day, 2 hours ago | ubuntu.com
advisory arbitrary code attacker code +15
USN-6762-1: GNU C Library vulnerabilities 1 day, 5 hours ago | ubuntu.com
arbitrary code attacker attackers code +14
USN-6747-2: Firefox regressions 1 day, 15 hours ago | ubuntu.com
advisory attacker denial of service domains +14
USN-6760-1: Gerbv vulnerability 2 days, 19 hours ago | ubuntu.com
application attacker crash data +10
LSN-0103-1: Kernel Live Patch Security Notice 3 days, 7 hours ago | ubuntu.com
attacker con cve data +21
USN-6758-1: JSON5 vulnerability 3 days, 7 hours ago | ubuntu.com
access application attacker denial of service +12
USN-6761-1: Anope vulnerability 3 days, 10 hours ago | ubuntu.com
accounts attacker changing credentials +7
USN-6759-1: FreeRDP vulnerabilities 4 days, 1 hour ago | ubuntu.com
attacker crash denial of service issue +7
USN-6757-1: PHP vulnerabilities 4 days, 4 hours ago | ubuntu.com
arbitrary code attacker code cookie +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Intern, Cyber Security Vulnerability Management

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Compliance - Global Privacy Office - Associate - Bengaluru

@ Goldman Sachs | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cyber Security Engineer (m/w/d) Operational Technology

@ MAN Energy Solutions | Oberhausen, DE, 46145
View on infosec-jobs.com

Armed Security Officer - Hospital

@ Allied Universal | Sun Valley, CA, United States
View on infosec-jobs.com

Governance, Risk and Compliance Officer (Africa)

@ dLocal | Lagos (Remote)
View on infosec-jobs.com

Junior Cloud DevSecOps Network Engineer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs