Skip to main content

Gohttp

4 CVEs product

Monthly

CVE-2019-12198 HIGH POC This Week

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Gohttp
NVD GitHub
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-12160 CRITICAL POC Act Now

GoHTTP through 2017-07-25 has a sendHeader use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Gohttp
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-12159 HIGH This Week

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Gohttp
NVD GitHub
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-12158 CRITICAL Act Now

GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Gohttp
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
EPSS 1% CVSS 7.5
HIGH POC This Week

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Gohttp
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

GoHTTP through 2017-07-25 has a sendHeader use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Gohttp
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Gohttp
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy