Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

CVE-2019-16276 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2019-16276

CVE-2019-16276

HIGH7.5

Go before 1

Published Sep 30, 2019

Modified 1 years ago

Details

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

References

ADVISORY

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html

ADVISORY

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html

ADVISORY

https://access.redhat.com/errata/RHSA-2020:0101

ADVISORY

https://access.redhat.com/errata/RHSA-2020:0329

ADVISORY

https://access.redhat.com/errata/RHSA-2020:0652

WEB

https://github.com/golang/go/issues/34540

WEB

https://groups.google.com/forum/#%21msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ

WEB

https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html

WEB

https://lists.debian.org/debian-lts-announce/2021/03/msg00015.html

ADVISORY

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/

ADVISORY

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/

ADVISORY

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/

WEB

https://security.netapp.com/advisory/ntap-20191122-0004/

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2019-16276

CVSS Analysis

CVSS v3.1

7.5

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

HighI:H

Availability

NoneA:N

7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Ecosystems

Timeline

PublishedSep 30, 2019

ModifiedAug 5, 2024