GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gohttp_project | gohttp | * |
GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gohttp_project | gohttp | * |
GoHTTP through 2017-07-25 has a sendHeader use-after-free.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gohttp_project | gohttp | * |
In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gohttp_project | gohttp | * |