Download
| Alert*
oval:org.secpod.oval:def:116206
The Go Programming Language. oval:org.secpod.oval:def:1601028 An issue was discovered in net/http in Go. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command oval:org.secpod.oval:def:1504282 go-toolset [1.11.5-2] - Include patch to fix CVE-2019-9741 - Resolves: rhbz#1690443 golang [1.11.5-2] - Include patch to fix CVE-2019-9741 - Resolves: rhbz#1690443 [1.11.5-2] - Switch to pagure fork for Go FIPS oval:org.secpod.oval:def:503142 The go-toolset:rhel8 module provides Go Toolset, a compiler toolset for building applications using the Go language and compiler suite. Security Fix: * golang: CRLF injection in net/http For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other relate ... oval:org.secpod.oval:def:2004941 An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command. |