1. Home
  2. Vulnerabilities
  3. CVE-2022-27664

CVE-2022-27664

CVSS v3.1 7.5 (High)
75% Progress
EPSS 0.24 % (62th)
0.24% Progress
Affected Products 2
Advisories 74
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

Weaknesses
CWE-NVD-noinfo
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2022-09-06 18:15:12
(2 years ago)
Updated Date
2023-11-07 03:45:22
(10 months ago)

Affected Products

Fedoraproject

Golang

Configuration #1

    CPE23 From Up To
  Golang Go prior 1.18.6 version cpe:2.3:a:golang:go < 1.18.6
  Golang Go 1.19.0 cpe:2.3:a:golang:go:1.19.0

Configuration #2

    CPE23 From Up To
  Fedoraproject Fedora 36 cpe:2.3:o:fedoraproject:fedora:36
  Fedoraproject Fedora 37 cpe:2.3:o:fedoraproject:fedora:37