Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
07 Nov 2023, 03:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-07-17 16:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-15586
Mitre link : CVE-2020-15586
CVE.ORG link : CVE-2020-15586
JSON object : View
Products Affected
cloudfoundry
- cf-deployment
- routing-release
debian
- debian_linux
opensuse
- leap
fedoraproject
- fedora
golang
- go
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')