CVE-2019-16276

Published: August 31, 2023Last modified: August 31, 2023

Description

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

Severity score breakdown

Status

References

• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html
• https://access.redhat.com/errata/RHSA-2020:0101
• https://access.redhat.com/errata/RHSA-2020:0329
• https://access.redhat.com/errata/RHSA-2020:0652
• https://github.com/golang/go/issues/34540
• https://groups.google.com/forum/#!msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ
• https://groups.google.com/forum/#%21msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ
• https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html
• https://lists.debian.org/debian-lts-announce/2021/03/msg00015.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/
• https://security.netapp.com/advisory/ntap-20191122-0004/