All errata/sisyphus/ALT-PU-2021-1769-2
ALT-PU-2021-1769-2

Package update golang in branch sisyphus

Version1.16.4-alt1
Task#271287
Published2026-02-04
Max severityMEDIUM
Severity:

Closed issues (2)

CVE-2021-31525
MEDIUM5.9

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.

Published: 2021-05-27Modified: 2024-11-21
CVSS 2.0LOW 2.6
CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 5.9
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References
GHSA-h86h-8ppg-mxmh
MEDIUM5.9

golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion

Published: 2022-05-24Modified: 2024-05-20
CVSS 3.xMEDIUM 5.9
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References