CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4673 – Sensitive headers not cleared on cross-origin redirect in net/http
https://notcve.org/view.php?id=CVE-2025-4673
09 Jun 2025 — Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties. Ky... • https://go.dev/cl/679257 •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22871 – Request smuggling due to acceptance of invalid chunked data in net/http
https://notcve.org/view.php?id=CVE-2025-22871
04 Apr 2025 — The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed (LF) instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smugglin... • https://go.dev/cl/652998 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45336 – Sensitive headers incorrectly sent after cross-domain redirect in net/http
https://notcve.org/view.php?id=CVE-2024-45336
28 Jan 2025 — The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. A flaw was found in the net/http... • https://go.dev/cl/643100 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24791 – Denial of service due to improper 100-continue handling in net/http
https://notcve.org/view.php?id=CVE-2024-24791
02 Jul 2024 — The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational respon... • https://go.dev/cl/591255 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24788 – Malformed DNS message can cause infinite loop in net
https://notcve.org/view.php?id=CVE-2024-24788
08 May 2024 — A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. Un mensaje DNS con formato incorrecto en respuesta a una consulta puede hacer que las funciones de búsqueda se atasquen en un bucle infinito. A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of s... • http://www.openwall.com/lists/oss-security/2024/05/08/3 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 64%CPEs: 3EXPL: 1CVE-2023-45288 – HTTP/2 CONTINUATION flood in net/http
https://notcve.org/view.php?id=CVE-2023-45288
04 Apr 2024 — An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going... • https://github.com/hex0punk/cont-flood-poc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2024-24784 – Comments in display names are incorrectly handled in net/mail
https://notcve.org/view.php?id=CVE-2024-24784
05 Mar 2024 — The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers. La función ParseAddressList controla incorrectamente los comentarios (texto entre paréntesis) dentro de los nombres para mostrar. Dado que se trata de una desalineación con los analizadores de direcciones conformes, puede dar lugar a que los programas ... • http://www.openwall.com/lists/oss-security/2024/03/08/4 • CWE-115: Misinterpretation of Input •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-45289 – Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
https://notcve.org/view.php?id=CVE-2023-45289
05 Mar 2024 — When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. Al seguir una redirección HTTP a un dominio que no es una coincidencia de subdominio o un... • http://www.openwall.com/lists/oss-security/2024/03/08/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-45290 – Memory exhaustion in multipart form parsing in net/textproto and net/http
https://notcve.org/view.php?id=CVE-2023-45290
05 Mar 2024 — When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limi... • http://www.openwall.com/lists/oss-security/2024/03/08/4 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •