CVE-2024-45258 | req Package up to 3.43.3 on Go URL cleanHost missing initialization

Posted by Angelo Barbosa | Aug 26, 2024 | CVE

A vulnerability classified as critical was found in req Package up to 3.43.3 on Go. This vulnerability affects the function cleanHost of the component URL Handler. The manipulation leads to missing initialization of a variable.

This vulnerability was named CVE-2024-45258. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45258 | req Package up to 3.43.3 on Go URL cleanHost missing initialization

Related Posts

CVE-2023-45084 | SoftIron HyperCloud up to 2.0.2 Drive Caddy missing synchronization

CVE-2024-29450 | ROS2 Humble Hawksbill access control

CVE-2024-3272 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L up to 20240403 HTTP GET Request /cgi-bin/nas_sharing.cgi user hard-coded credentials

CVE-2024-36415 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 unrestricted upload (GHSA-c82f-58jv-jfrh)