AVG-1021 log
Package | go |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 2:1.12.7-1 |
Fixed | 2:1.12.8-1 |
Current | 2:1.23.2-1 [extra] |
Ticket | None |
Created | Wed Aug 14 15:57:17 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-14809 | Medium | Yes | Insufficient validation | An issue has been found in Go before 1.12.8, where url.Parse would accept URLs with malformed hosts, such that the Host field could have arbitrary suffixes... |
CVE-2019-9514 | Medium | Yes | Denial of service | An issue has been found in several HTTP/2 implementations, where the attacker opens a number of streams and sends an invalid request over each stream that... |
CVE-2019-9512 | Medium | Yes | Denial of service | An issue has been found in several HTTP/2 implementations, where the attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal... |
Date | Advisory | Package | Type |
---|---|---|---|
24 Aug 2019 | ASA-201908-15 | go | multiple issues |
References |
---|
https://groups.google.com/forum/#!msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ |