pkg:golang/golang.org/x/net/http2
Type
golang
Namespace
golang.org/x/net
Name
http2
Known advisories, vulnerabilities and fixes for golang.org/x/net/http2 package.
- Repository
- https://pkg.go.dev/golang.org/x/net/http2
High
6
Medium
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 0.0.0-20211208012354-db4efeb81f4b, < 0.0.0-20211209124913-491a49abca63 |
CVE-2021-44716
|
GO-2022-0288 | Unbounded memory growth in net/http and golang.org/x/net/http2 | high |
2022-08-12T17:19:52
(2 years ago) |
|
Fixed | = 0.0.0-20211209124913-491a49abca63 |
CVE-2021-44716
|
GO-2022-0288 | Unbounded memory growth in net/http and golang.org/x/net/http2 | high |
2022-08-12T17:19:52
(2 years ago) |
|
Affected | >= 0.0.0-20190607181551-461777fb6f67, < 0.0.0-20190813141303-74dc4d7220e7 |
CVE-2019-9512
CVE-2019-9514 |
GO-2022-0536 | Reset flood in net/http and golang.org/x/net/http | high |
2022-08-12T17:19:52
(2 years ago) |
|
Fixed | = 0.0.0-20190813141303-74dc4d7220e7 |
CVE-2019-9512
CVE-2019-9514 |
GO-2022-0536 | Reset flood in net/http and golang.org/x/net/http | high |
2022-08-12T17:19:52
(2 years ago) |
|
Affected | >= 0.0.0-20220826154423-83b083e8dc8b, < 0.0.0-20220906165146-f3363e06e74c |
CVE-2022-27664
|
GO-2022-0969 | Denial of service in net/http and golang.org/x/net/http2 | high |
2022-09-12T18:23:01
(2 years ago) |
|
Fixed | = 0.0.0-20220906165146-f3363e06e74c |
CVE-2022-27664
|
GO-2022-0969 | Denial of service in net/http and golang.org/x/net/http2 | high |
2022-09-12T18:23:01
(2 years ago) |
|
Affected | >= 0.3.0, < 0.4.0 |
CVE-2022-41717
|
GO-2022-1144 | Excessive memory growth in net/http and golang.org/x/net/http2 | medium |
2022-12-08T17:16:22
(21 months ago) |
|
Fixed | = 0.4.0 |
CVE-2022-41717
|
GO-2022-1144 | Excessive memory growth in net/http and golang.org/x/net/http2 | medium |
2022-12-08T17:16:22
(21 months ago) |
|
Affected | >= 0.6.1-0.20230213185550-547e7edf3873, < 0.7.0 |
CVE-2022-41723
|
GO-2023-1571 | Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net | high |
2023-02-16T21:43:34
(19 months ago) |
|
Fixed | = 0.7.0 |
CVE-2022-41723
|
GO-2023-1571 | Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net | high |
2023-02-16T21:43:34
(19 months ago) |
|
Affected | >= 0.16.0, < 0.17.0 |
CVE-2023-39325
|
GO-2023-2102 | HTTP/2 rapid reset can cause excessive work in net/http | high |
2023-10-10T19:15:38
(11 months ago) |
|
Fixed | = 0.17.0 |
CVE-2023-39325
|
GO-2023-2102 | HTTP/2 rapid reset can cause excessive work in net/http | high |
2023-10-10T19:15:38
(11 months ago) |
|
Affected | >= 0.22.0, < 0.23.0 |
CVE-2023-45288
|
GO-2024-2687 | HTTP/2 CONTINUATION flood in net/http | high |
2024-04-03T17:40:45
(5 months ago) |
|
Fixed | = 0.23.0 |
CVE-2023-45288
|
GO-2024-2687 | HTTP/2 CONTINUATION flood in net/http | high |
2024-04-03T17:40:45
(5 months ago) |