CVE-2024-24785

Related Files

Gentoo Linux Security Advisory 202408-07

Posted Aug 7, 2024

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202408-7 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. Versions greater than or equal to 1.22.3 are affected.

tags | advisory, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2023-24539, CVE-2023-24540, CVE-2023-29400, CVE-2023-39326, CVE-2023-45283, CVE-2023-45285, CVE-2023-45288, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24788

SHA-256 | 2ccc903a817532e66048ef0c9f0125745b5ac34d11a79d6ecf529ae860f2676d

Download | Favorite | View

Ubuntu Security Notice USN-6886-1

Posted Jul 9, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6886-1 - It was discovered that the Go net/http module did not properly handle the requests when request\'s headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that the Go net/http module did not properly validate the subdomain match or exact match of the initial domain. An attacker could possibly use this issue to read sensitive information. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, web, denial of service

systems | linux, ubuntu

advisories | CVE-2023-45288, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24788, CVE-2024-24789, CVE-2024-24790

SHA-256 | 66197d055fed6c97073d4c955f114f48acbb90bca8321f4984ae151d375a3e75

Download | Favorite | View