FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7f242313-aea5-11eb-8151-67f74cf7c704	go -- net/http: ReadRequest can stack overflow due to recursion with very large headers The Go project reports: http.ReadRequest can stack overflow due to recursion when given a request with a very large header (~8-10MB depending on the architecture). A http.Server which overrides the default max header of 1MB by setting Server.MaxHeaderBytes to a much larger value could also be vulnerable in the same way. Discovery 2021-04-22 Entry 2021-05-06 go lt 1.16.4,1 CVE-2021-31525 https://github.com/golang/go/issues/45710

VuXML ID

Description

7f242313-aea5-11eb-8151-67f74cf7c704

go -- net/http: ReadRequest can stack overflow due to recursion with very large headers

The Go project reports:

http.ReadRequest can stack overflow due to recursion when given a request with a very large header (~8-10MB depending on the architecture). A http.Server which overrides the default max header of 1MB by setting Server.MaxHeaderBytes to a much larger value could also be vulnerable in the same way.

Discovery 2021-04-22
Entry 2021-05-06
go

lt 1.16.4,1

CVE-2021-31525
https://github.com/golang/go/issues/45710