VulnerableCode Package Details - pkg:deb/ubuntu/golang-1.12@1.12.5-1ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/golang-1.12@1.12.5-1ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/golang-1.12@1.12.5-1ubuntu1

Next non-vulnerable version	1.12.10-1ubuntu1
Latest non-vulnerable version	1.12.10-1ubuntu1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-kq1v-8r3r-aaaf Aliases: CVE-2019-16276	Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.	1.12.10-1ubuntu1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-95dr-z3gr-aaag	An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.	CVE-2019-9741

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version