QID 354890

requests forwarded by reverseproxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http.
This could permit query parameter smuggling when a go proxy forwards a parameter with an unparseable value.
After fix, reverseproxy sanitizes the query parameters in the forwarded query when the outbound requests form field is set after the reverseproxy.
Director function returns, indicating that the proxy has parsed the query parameters.
Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (
( CVE-2022-2880) code injection in cmd.
Start in os/exec before go 1.17.11 and go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling cmd.
Run, cmd.
Start, cmd.
Output, or cmd.
Combinedoutput when cmd.
Path is unset. (
( CVE-2022-30580) infinite loop in read in crypto/rand before go 1.17.11 and go 1.18.3 on windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (
( CVE-2022-30634) the go project has described this issue as follows: "on windows, the filepath.
Clean function could transform an invalid path such as a/../c:/b into the valid path c:\b.
This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack.
The filepath.
Clean function will now transform this path into the relative (but still invalid) path .\c:\b." (
This does not impact usages of crypto/ecdsa or crypto/ecdh. (
This stems from several causes: 1.
Mime/multipart.
Reader.
2.
3.
In addition, the fixed mime/multipart.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.