CVE-2023-45289
published 2024-03-05CVE-2023-45289: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive…
PriorityP421medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
EPSS
1.08%
60.9th percentile
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | golang-1.15 | — | — |
| debian | golang-1.19 | — | — |
| go_standard_library | net_http | < 1.21.8 | 1.21.8 |
| go_standard_library | net_http | >= 1.22.0-0 < 1.22.1 | 1.22.1 |
| go_standard_library | net_http_cookiejar | < 1.21.8 | 1.21.8 |
| go_standard_library | net_http_cookiejar | >= 1.22.0-0 < 1.22.1 | 1.22.1 |
| msrc | azl3_gcc_13.2.0-7_on_azure_linux_3.0 | — | — |
| msrc | azl3_golang_1.23.8-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_golang_1.23.9-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_golang_1.24.3-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_python-tensorboard_2.16.2-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_tensorflow_2.16.1-9_on_azure_linux_3.0 | — | — |
| msrc | cbl2_gcc_11.2.0-8_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_golang_1.17.13-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_golang_1.18.8-7_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_golang_1.21.6-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_golang_1.22.7-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_msft-golang_1.24.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_python-tensorboard_2.11.0-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_tensorflow_2.11.1-2_on_cbl_mariner_2.0 | — | — |
| paloalto | pan-os | — | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv7.5HIGH
vendor_ubuntu7.5HIGH
vendor_debian4.3MEDIUM
vendor_msrc4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-SA-2024-0013 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-11-01·CVSS 9.8
CVE-2017-12424 [CRITICAL] PAN-SA-2024-0013 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0013 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2017-12424, CVE-2021-3114, CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-36221, CVE-2021-4034, CVE-2021-44716, CVE-2021-44717, CVE-2022-1664, CVE-2022-1705, CVE-2022-23772, CVE-2022-24675, CVE-2022-24921, CVE-2022-28327, CVE-2022-2880, CVE-2022-29526, CVE-2022-30629, CVE-2022-30631, CVE-2022-30632, CVE-2022-32148, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717, CVE-2022-41724, CVE-2022-41725, CVE-2023-24534, CVE-2023-24536, CVE-2023-24539, CVE-2023-29406, CVE-2023-29409, CVE-2023-39
Ubuntu
Go vulnerabilities
vendor_ubuntu·2024-07-09·CVSS 7.5
CVE-2023-45290 [HIGH] Go vulnerabilities
Title: Go vulnerabilities
Summary: Several security issues were fixed in Go.
It was discovered that the Go net/http module did not properly handle the
requests when request\'s headers exceed MaxHeaderBytes. An attacker could
possibly use this issue to cause a panic resulting into a denial of service.
This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-45288)
It was discovered that the Go net/http module did not properly validate the
subdomain match or exact match of the initial domain. An attacker could
possibly use this issue to read sensitive information. This issue only
affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-45289)
It was discovered that the Go net/http module did not properly validate the
total size of the parsed form w
Microsoft
Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
vendor_msrc·2024-03-12·CVSS 4.3
CVE-2023-45289 [MEDIUM] Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Go: Go
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Ref
Red Hat
golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
vendor_redhat·2024-03-05·CVSS 4.3
CVE-2023-45289 [MEDIUM] CWE-200 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For
Debian
CVE-2023-45289: golang-1.15 - When following an HTTP redirect to a domain which is not a subdomain match or ex...
vendor_debian·2023·CVSS 4.3
CVE-2023-45289 [MEDIUM] CVE-2023-45289: golang-1.15 - When following an HTTP redirect to a domain which is not a subdomain match or ex...
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
Scope: local
bullseye: open
OSV
golang-1.21, golang-1.22 vulnerabilities
osv·2024-07-09·CVSS 7.5
CVE-2023-45288 [HIGH] golang-1.21, golang-1.22 vulnerabilities
golang-1.21, golang-1.22 vulnerabilities
It was discovered that the Go net/http module did not properly handle the
requests when request\'s headers exceed MaxHeaderBytes. An attacker could
possibly use this issue to cause a panic resulting into a denial of service.
This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-45288)
It was discovered that the Go net/http module did not properly validate the
subdomain match or exact match of the initial domain. An attacker could
possibly use this issue to read sensitive information. This issue only
affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-45289)
It was discovered that the Go net/http module did not properly validate the
total size of the parsed form when parsing a multipart form. An atta
GHSA
GHSA-32ch-6x54-q4h9: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http
ghsa_unreviewed·2024-03-06
CVE-2023-45289 [MEDIUM] GHSA-32ch-6x54-q4h9: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
OSV
CVE-2023-45289: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http
osv·2024-03-05·CVSS 4.3
CVE-2023-45289 [MEDIUM] CVE-2023-45289: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
OSV
Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
osv·2024-03-05
CVE-2023-45289 Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not.
A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
No detection rules found.
No public exploits indexed.
http://www.openwall.com/lists/oss-security/2024/03/08/4https://go.dev/cl/569340https://go.dev/issue/65065https://groups.google.com/g/golang-announce/c/5pwGVUPoMbghttps://pkg.go.dev/vuln/GO-2024-2600https://security.netapp.com/advisory/ntap-20240329-0006/http://www.openwall.com/lists/oss-security/2024/03/08/4https://go.dev/cl/569340https://go.dev/issue/65065https://groups.google.com/g/golang-announce/c/5pwGVUPoMbghttps://pkg.go.dev/vuln/GO-2024-2600https://security.netapp.com/advisory/ntap-20240329-0006/
2024-03-05
Published