Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Go 环境问题漏洞
Vulnerability Description
Google Go是美国谷歌(Google)公司的一款静态强类型、编译型、并发型,并具有垃圾回收功能的编程语言。 Google Go 1.4.3之前版本中的net/http/transfer.go文件的net/http库存在环境问题漏洞,该漏洞源于程序没有正确解析HTTP标头。攻击者可借助带有Content-Length和Transfer-Encoding标头字段的请求利用该漏洞进行HTTP请求走私攻击。
CVSS Information
N/A
Vulnerability Type
N/A