ALT-PU-2021-2502-1
Closed vulnerabilities
Published: 2021-08-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-36221
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
Severity: MEDIUM (5.9)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
- https://groups.google.com/forum/#%21forum/golang-announce
- https://groups.google.com/forum/#%21forum/golang-announce
- https://groups.google.com/g/golang-announce/c/JvWG9FUUYT0
- https://groups.google.com/g/golang-announce/c/JvWG9FUUYT0
- https://groups.google.com/g/golang-announce/c/uHACNfXAZqk
- https://groups.google.com/g/golang-announce/c/uHACNfXAZqk
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update
- [debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update
- [debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update
- FEDORA-2021-6a3024b3fd
- FEDORA-2021-6a3024b3fd
- FEDORA-2021-e71b05ba7b
- FEDORA-2021-e71b05ba7b
- FEDORA-2021-38b51d9fd3
- FEDORA-2021-38b51d9fd3
- GLSA-202208-02
- GLSA-202208-02
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html