Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2019-9741

An issue was discovered in net/http in Go. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command. (CVE-2019-9741)

Source

ALAS-2019-1238

Amazon Linux AMI Security Advisory: ALAS-2019-1238
Advisory Release Date: 2019-07-17 23:28 Pacific
Advisory Updated Date: 2019-07-25 18:38 Pacific

Severity: Medium

References: CVE-2019-9741

Issue Overview:

An issue was discovered in net/http in Go. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command. (CVE-2019-9741)

Affected Packages:

golang

Issue Correction:
Run yum update golang to update your system.

New Packages:

i686:
    golang-bin-1.12.5-1.50.amzn1.i686
    golang-1.12.5-1.50.amzn1.i686

noarch:
    golang-docs-1.12.5-1.50.amzn1.noarch
    golang-src-1.12.5-1.50.amzn1.noarch
    golang-tests-1.12.5-1.50.amzn1.noarch
    golang-misc-1.12.5-1.50.amzn1.noarch

src:
    golang-1.12.5-1.50.amzn1.src

x86_64:
    golang-bin-1.12.5-1.50.amzn1.x86_64
    golang-1.12.5-1.50.amzn1.x86_64
    golang-race-1.12.5-1.50.amzn1.x86_64

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2019-1238

ALAS-2019-1238

Vulmon Search

About

Products

Connect