Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for golang.org/x/net/http2/h2c by golang.org/x/net

    CVE-2022-41721 (GCVE-0-2022-41721)

    Vulnerability from nvd – Published: 2023-01-13 22:46 – Updated: 2025-04-04 14:46
    VLAI
    Title
    Request smuggling due to improper request handling in golang.org/x/net/http2/h2c
    Summary
    A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 444: Inconsistent Interpretation of HTTP Requests ("HTTP Request/Response Smuggling)
    Assigner
    Go
    Impacted products
    Vendor Product Version
    golang.org/x/net golang.org/x/net/http2/h2c Affected: 0.0.0-20220524220425-1d687d428aca , < 0.1.1-0.20221104162952-702349b0e862 (semver)
    Create a notification for this product.
    Credits
    John Howard (Google)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.550Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/56352"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/447396"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1495"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41721",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-04T14:43:40.503783Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-04T14:46:17.808Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2/h2c",
              "product": "golang.org/x/net/http2/h2c",
              "programRoutines": [
                {
                  "name": "h2cHandler.ServeHTTP"
                },
                {
                  "name": "h2cUpgrade"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.1.1-0.20221104162952-702349b0e862",
                  "status": "affected",
                  "version": "0.0.0-20220524220425-1d687d428aca",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "John Howard (Google)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 444: Inconsistent Interpretation of HTTP Requests (\"HTTP Request/Response Smuggling)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-27T02:06:08.833Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/56352"
            },
            {
              "url": "https://go.dev/cl/447396"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1495"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/"
            }
          ],
          "title": "Request smuggling due to improper request handling in golang.org/x/net/http2/h2c"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41721",
        "datePublished": "2023-01-13T22:46:22.064Z",
        "dateReserved": "2022-09-28T17:00:06.609Z",
        "dateUpdated": "2025-04-04T14:46:17.808Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41721 (GCVE-0-2022-41721)

    Vulnerability from cvelistv5 – Published: 2023-01-13 22:46 – Updated: 2025-04-04 14:46
    VLAI
    Title
    Request smuggling due to improper request handling in golang.org/x/net/http2/h2c
    Summary
    A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 444: Inconsistent Interpretation of HTTP Requests ("HTTP Request/Response Smuggling)
    Assigner
    Go
    Impacted products
    Vendor Product Version
    golang.org/x/net golang.org/x/net/http2/h2c Affected: 0.0.0-20220524220425-1d687d428aca , < 0.1.1-0.20221104162952-702349b0e862 (semver)
    Create a notification for this product.
    Credits
    John Howard (Google)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.550Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/56352"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/447396"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1495"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41721",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-04T14:43:40.503783Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-04T14:46:17.808Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2/h2c",
              "product": "golang.org/x/net/http2/h2c",
              "programRoutines": [
                {
                  "name": "h2cHandler.ServeHTTP"
                },
                {
                  "name": "h2cUpgrade"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.1.1-0.20221104162952-702349b0e862",
                  "status": "affected",
                  "version": "0.0.0-20220524220425-1d687d428aca",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "John Howard (Google)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 444: Inconsistent Interpretation of HTTP Requests (\"HTTP Request/Response Smuggling)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-27T02:06:08.833Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/56352"
            },
            {
              "url": "https://go.dev/cl/447396"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1495"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/"
            }
          ],
          "title": "Request smuggling due to improper request handling in golang.org/x/net/http2/h2c"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41721",
        "datePublished": "2023-01-13T22:46:22.064Z",
        "dateReserved": "2022-09-28T17:00:06.609Z",
        "dateUpdated": "2025-04-04T14:46:17.808Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }