FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
6fea7103-2ea4-11ed-b403-3dae8ac60d3e	go -- multiple vulnerabilities The Go project reports: net/http: handle server errors after sending GOAWAY A closing HTTP/2 server connection could hang forever waiting for a clean shutdown that was preempted by a subsequent fatal error. This failure mode could be exploited to cause a denial of service. net/url: JoinPath does not strip relative path components in all circumstances JoinPath and URL.JoinPath would not remove ../ path components appended to a relative path. Discovery 2022-09-06 Entry 2022-09-07 go118 < 1.18.6 go119 < 1.19.1 CVE-2022-27664 CVE-2022-32190 https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ

VuXML ID

Description

6fea7103-2ea4-11ed-b403-3dae8ac60d3e

go -- multiple vulnerabilities

The Go project reports:

net/http: handle server errors after sending GOAWAY

A closing HTTP/2 server connection could hang forever waiting for a clean shutdown that was preempted by a subsequent fatal error. This failure mode could be exploited to cause a denial of service.

net/url: JoinPath does not strip relative path components in all circumstances

JoinPath and URL.JoinPath would not remove ../ path components appended to a relative path.

Discovery 2022-09-06
Entry 2022-09-07
go118

< 1.18.6

go119

< 1.19.1

CVE-2022-27664
CVE-2022-32190
https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ