AVG-1215 log

Package go
Status Fixed
Severity Medium
Type cross-site scripting
Affected 1.15.0-1
Fixed 1.15.1-1
Current 2:1.23.2-1 [extra]
Ticket None
Created Wed Sep 2 03:54:18 2020
Issue Severity Remote Type Description
CVE-2020-24553 Medium Yes Cross-site scripting
In Go versions before 1.15.1 and 1.14.8 if the Content-Type header of a Handler was not explicitly set the net/http/cgi and net/http/fcgi packages would...
Date Advisory Package Type
03 Sep 2020 ASA-202009-3 go cross-site scripting
References
https://github.com/golang/go/issues/40928
https://www.redteam-pentesting.de/advisories/rt-sa-2020-004
https://groups.google.com/g/golang-announce/c/8wqlSbkLdPs/m/UccMwBPUBAAJ
https://github.com/golang/go/commit/eb07103a083237414145a45f029c873d57037e06