CVE-2019-16276 – golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling
https://notcve.org/view.php?id=CVE-2019-16276
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. It was discovered that net/http (through net/textproto) in golang does not correctly interpret HTTP requests where an HTTP header contains spaces before the colon. This could be abused by an attacker to smuggle HTTP requests when a proxy or a firewall is placed behind a server implemented in Go, or to bypass filters, depending on the specific network configuration.
References:
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html
https://access.redhat.com/errata/RHSA-2020:0101
https://access.redhat.com/errata/RHSA-2020:0329
https://access.redhat.com/errata/RHSA-2020:0652
https://github.com/golang/go/issues/34540
https://groups.google.com/forum/#%21msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ
https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html
https
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2019-14809 – golang: malformed hosts in URLs leads to authorization bypass
https://notcve.org/view.php?id=CVE-2019-14809
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.
References:
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
https://access.redhat.com/errata/RHSA-2019:3433
https://github.com/golang/go/issues/29098
https://groups.google.com/forum/
CWE-285: Improper Authorization
CVE-2019-11841 – Go Cryptography Libraries Cleartext Message Spoofing
https://notcve.org/view.php?id=CVE-2019-11841
A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The "Hash" Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used.
References:
http://packetstormsecurity.com/files/152840/Go-Cryptography-Libraries-Cleartext-Message-Spoofing.html
https://go.googlesource.com/crypto
https://lists.debian.org/debian-lts-announce/2019/09/msg00011.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00014.html
https://lists.debian.org/debian-lts-announce/2023/06/msg00017.html
https://sec-consult.com
https://sec-consult.com/en/blog/advisories/cleartext-message-spoofing-in-go-cryptography-libraries-cve-2019-11841
CWE-347: Improper Verification of Cryptographic Signature
CVE-2019-11888
https://notcve.org/view.php?id=CVE-2019-11888
Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.
References:
https://go-review.googlesource.com/c/go/+/176619
CWE-269: Improper Privilege Management
CVE-2019-11840 – golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter
https://notcve.org/view.php?id=CVE-2019-11840
An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of confidentiality in encryption applications, or to predictability in CSPRNG applications. The library is also known as golang-googlecode-go-crypto; the affected versions are those before 2019-03-20.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1691529
https://github.com/golang/go/issues/30965
https://go.googlesource.com/crypto/+/b7391e95e576cacdcdd422573063bc057239113d
https://groups.google.com/forum/#%21msg/golang-announce/tjyNcJxb2vQ/n0NRBziSCAAJ
https://lists.debian.org/debian-lts-announce/2019/06/msg00029.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00014.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00016.html
https://lists.debian.org/debian-lts-anno
CWE-330: Use of Insufficiently Random Values