CVE-2022-32148
CVSS v3.1
6.5 (Medium)
EPSS
0.15 % (52th)
Affected Products
1
Advisories
64
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Go Project
- Published Date
-
2022-08-10 20:15:47
(2 years ago) - Updated Date
-
2023-11-07 03:47:43
(10 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...