A security issue has been found in Go before version 1.16.7. A net/http/httputil ReverseProxy can panic due to a race condition if its Handler aborts with ErrAbortHandler, for example due to an error in copying the response body. An attacker might be able to force the conditions leading to the race condition.
A security issue has been found in Go before version 1.16.7. A net/http/httputil ReverseProxy can panic due to a race condition if its Handler aborts with ErrAbortHandler, for example due to an error in copying the response body. An attacker might be able to force the conditions leading to the race condition.
https://groups.google.com/g/golang-announce/c/uHACNfXAZqk https://github.com/golang/go/issues/46866 https://github.com/golang/go/commit/accf363d5da864521c90b152fb734f3f15e00521
Vulmon