CVE-2024-45336 | Google Go up to 1.22.10/1.23.4 net-http cross-domain policy

Inserito da Angelo Barbosa | Gen 18, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Google Go up to 1.22.10/1.23.4. This affects an unknown part of the component net-http. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is uniquely identified as CVE-2024-45336. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45336 | Google Go up to 1.22.10/1.23.4 net-http cross-domain policy

Post correlati

CVE-2024-7180 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setPortForwardRules comment buffer overflow

CVE-2024-5812 | BeyondTrust BeyondInsight PasswordSafe prior 23.2.0.1293/23.3.0.959/24.1.1 API Request authentication spoofing

CVE-2024-5137 | PHPGurukul Directory Management System 1.0 Searchbar /admin/admin-profile.php cross site scripting

CVE-2023-37154 | Nagios Nagios-plugins up to 2.4.4 check_by_ssh ProxyCommand/LocalCommand/PermitLocalCommand Privilege Escalation (GHSA-p3gv-vmpx-hhw4)