Security Feed
  1. Archives

Aug 07 2021 Go, Rust "net" library affected by critical IP address validation vulnerability

Source

The commonly used "net" library in Go and Rust languages is also impacted by the mixed-format IP address validation vulnerability. The bug has to do with how "net" treats IP addresses as decimal, even when they are provided in a mixed (octal-decimal) format, and therefore making applications vulnerable to SSRF and RFI. [...]

Posted by Ax Sharma on Sat 07 August 2021 in BleepingComputer.

Categories

  1. 12
  2. Ars Technica
  3. AWS Security
  4. BleepingComputer
  5. Brian Krebs
  6. Bruce Schneier
  7. GCP Security
  8. Google Project Zero
  9. Mozilla Security
  10. The Daily Swig
  11. The Guardian
  12. The Register
  13. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Web Security
  • malware
  • vulnerabilities
  • Security, Identity, & Compliance
  • Microsoft
  • Security Blog
  • Biz & IT
  • privacy
  • hacks
  • Identity & Security
  • Google
  • Government
  • Foundational (100)
  • Announcements
  • Security & Identity
  • Cloud security
  • CryptoCurrency
  • hacking
  • Data and computer security
  • Technology
  • Intermediate (200)
  • A Little Sunshine
  • Technical How-to

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.