Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[GO-2024-2963] Denial of service due to improper 100-continue handling in net/http #11

Open
1 task
bitwizeshift opened this issue Jul 25, 2024 · 1 comment
Open
1 task

[GO-2024-2963] Denial of service due to improper 100-continue handling in net/http #11

bitwizeshift opened this issue Jul 25, 2024 · 1 comment
Assignees
@bitwizeshift
Labels
Stale

Comments

@bitwizeshift
Copy link
Member

Note

It is not lost on me that this exposes the security vulnerability "publicly", however this project:

  • Is not hosted on a server, and thus cannot be connected to,
  • Is not widely used (if at all) outside of this org, and
  • Connects out to addresses, rather than allowing for malicious connections to connect to this system

This is the tracking issue for:

This task may be a no-op, but does require validating that the handling is being done correctly to avoid this security vulnerability.
@bitwizeshift bitwizeshift self-assigned this Jul 25, 2024
@fhir-bellows
Copy link

fhir-bellows bot commented Dec 4, 2024

This issue has been automatically marked as stale because it has
not had any activity in 90 days, but we won't close it -- we don't
want to lose track of it!

If you have any updates or additional information to provide, please
comment and leave any updates on the issue.

@fhir-bellows fhir-bellows bot added the Stale label Dec 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bitwizeshift bitwizeshift

Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bitwizeshift