Search

Find a vulnerability

Search criteria

    32 vulnerabilities found for net/http by Go standard library

    CVE-2026-33814 (GCVE-0-2026-33814)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-07-08 12:05
    VLAI
    Title
    Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
    Summary
    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Go
    Impacted products
    Vendor Product Version
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.53.0 (semver)
    Create a notification for this product.
    Go standard library net/http Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Cluster Observability Operator 1.5.0     cpe:/a:redhat:cluster_observability_operator:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Credits
    Marwan Atia (marwansamir688@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33814",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T18:00:53.951676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T18:01:02.989Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:cluster_observability_operator:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cluster Observability Operator 1.5.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:17.631Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-606",
                    "description": "Unchecked Input for Loop Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-08T12:05:50.420Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33814"
              },
              {
                "name": "RHBZ#2467815",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34342"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23262"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23264"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23262: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23264: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:11.324Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:17.631Z",
                "value": "Made public."
              }
            ],
            "title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.53.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "http1ClientConn.Close"
                },
                {
                  "name": "http1ClientConn.RoundTrip"
                },
                {
                  "name": "http2Transport.NewClientConn"
                },
                {
                  "name": "http2Transport.RoundTrip"
                },
                {
                  "name": "http2Transport.RoundTripOpt"
                },
                {
                  "name": "http2clientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "http2unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Marwan Atia (marwansamir688@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:17.631Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/761581"
            },
            {
              "url": "https://go.dev/cl/761640"
            },
            {
              "url": "https://go.dev/issue/78476"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4918"
            }
          ],
          "title": "Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33814",
        "datePublished": "2026-05-07T19:41:17.631Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-08T12:05:50.420Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-58186 (GCVE-0-2025-58186)

    Vulnerability from nvd – Published: 2025-10-29 22:10 – Updated: 2025-11-04 21:13
    VLAI
    Title
    Lack of limit when parsing cookies can cause memory exhaustion in net/http
    Summary
    Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.24.8 (semver)
    Affected: 1.25.0 , < 1.25.2 (semver)
    Create a notification for this product.
    Credits
    jub0bs
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58186",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-30T14:24:44.763207Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-30T14:24:50.235Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:13:35.468Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/10/08/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "ParseCookie"
                },
                {
                  "name": "readSetCookies"
                },
                {
                  "name": "readCookies"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Request.Cookie"
                },
                {
                  "name": "Request.Cookies"
                },
                {
                  "name": "Request.CookiesNamed"
                },
                {
                  "name": "Response.Cookies"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.24.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.25.2",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "jub0bs"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as \"a=;\", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-29T22:10:13.912Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/75672"
            },
            {
              "url": "https://go.dev/cl/709855"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-4012"
            }
          ],
          "title": "Lack of limit when parsing cookies can cause memory exhaustion in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-58186",
        "datePublished": "2025-10-29T22:10:13.912Z",
        "dateReserved": "2025-08-27T14:50:58.691Z",
        "dateUpdated": "2025-11-04T21:13:35.468Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47910 (GCVE-0-2025-47910)

    Vulnerability from nvd – Published: 2025-09-22 21:01 – Updated: 2025-09-24 13:29
    VLAI
    Title
    CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http
    Summary
    When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 1.25.0 , < 1.25.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47910",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-24T13:29:38.364534Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-24T13:29:45.405Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "CrossOriginProtection.AddInsecureBypassPattern"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.1",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-22T21:01:55.440Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/699275"
            },
            {
              "url": "https://go.dev/issue/75054"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3955"
            }
          ],
          "title": "CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-47910",
        "datePublished": "2025-09-22T21:01:55.440Z",
        "dateReserved": "2025-05-13T23:31:29.597Z",
        "dateUpdated": "2025-09-24T13:29:45.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4673 (GCVE-0-2025-4673)

    Vulnerability from nvd – Published: 2025-06-11 16:42 – Updated: 2025-06-11 17:59
    VLAI
    Title
    Sensitive headers not cleared on cross-origin redirect in net/http
    Summary
    Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.23.10 (semver)
    Affected: 1.24.0-0 , < 1.24.4 (semver)
    Create a notification for this product.
    Credits
    Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.8,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4673",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T17:59:02.225500Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T17:59:48.033Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Client.makeHeadersCopier"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.23.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.4",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-11T16:42:53.054Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/679257"
            },
            {
              "url": "https://go.dev/issue/73816"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3751"
            }
          ],
          "title": "Sensitive headers not cleared on cross-origin redirect in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-4673",
        "datePublished": "2025-06-11T16:42:53.054Z",
        "dateReserved": "2025-05-13T23:30:53.327Z",
        "dateUpdated": "2025-06-11T17:59:48.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-22870 (GCVE-0-2025-22870)

    Vulnerability from nvd – Published: 2025-03-12 18:27 – Updated: 2026-04-16 22:39
    VLAI
    Title
    HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
    Summary
    Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.23.7 (semver)
    Affected: 1.24.0-0 , < 1.24.1 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http/httpproxy Affected: 0 , < 0.36.0 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/proxy Affected: 0 , < 0.36.0 (semver)
    Create a notification for this product.
    Credits
    Juho Forsén of Mattermost
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-05-09T20:03:37.043Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/03/07/2"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20250509-0007/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22870",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T16:31:16.493335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-115",
                    "description": "CWE-115 Misinterpretation of Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T16:32:14.847Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "envProxyFunc"
                },
                {
                  "name": "ProxyFromEnvironment"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.23.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.1",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http/httpproxy",
              "product": "golang.org/x/net/http/httpproxy",
              "programRoutines": [
                {
                  "name": "config.useProxy"
                },
                {
                  "name": "domainMatch.match"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.36.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/proxy",
              "product": "golang.org/x/net/proxy",
              "programRoutines": [
                {
                  "name": "PerHost.dialerForRequest"
                },
                {
                  "name": "PerHost.AddFromString"
                },
                {
                  "name": "Dial"
                },
                {
                  "name": "FromEnvironment"
                },
                {
                  "name": "FromEnvironmentUsing"
                },
                {
                  "name": "PerHost.Dial"
                },
                {
                  "name": "PerHost.DialContext"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.36.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Juho Fors\u00e9n of Mattermost"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-115 Misinterpretation of Input",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T22:39:33.619Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/654697"
            },
            {
              "url": "https://go.dev/issue/71984"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3503"
            }
          ],
          "title": "HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-22870",
        "datePublished": "2025-03-12T18:27:59.376Z",
        "dateReserved": "2025-01-08T19:11:42.834Z",
        "dateUpdated": "2026-04-16T22:39:33.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-45336 (GCVE-0-2024-45336)

    Vulnerability from nvd – Published: 2025-01-28 01:03 – Updated: 2025-09-18 18:41
    VLAI
    Title
    Sensitive headers incorrectly sent after cross-domain redirect in net/http
    Summary
    The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.22.11 (semver)
    Affected: 1.23.0-0 , < 1.23.5 (semver)
    Affected: 1.24.0-0 , < 1.24.0-rc.2 (semver)
    Create a notification for this product.
    Credits
    Kyle Seely
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45336",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:56:59.058895Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:16:38.044Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-21T18:03:31.299Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250221-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Client.do"
                },
                {
                  "name": "Client.makeHeadersCopier"
                },
                {
                  "name": "shouldCopyHeaderOnRedirect"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.22.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.23.5",
                  "status": "affected",
                  "version": "1.23.0-0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.0-rc.2",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Kyle Seely"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-18T18:41:11.116Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/643100"
            },
            {
              "url": "https://go.dev/issue/70530"
            },
            {
              "url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ"
            },
            {
              "url": "https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3420"
            }
          ],
          "title": "Sensitive headers incorrectly sent after cross-domain redirect in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2024-45336",
        "datePublished": "2025-01-28T01:03:24.869Z",
        "dateReserved": "2024-08-27T19:41:58.555Z",
        "dateUpdated": "2025-09-18T18:41:11.116Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24791 (GCVE-0-2024-24791)

    Vulnerability from nvd – Published: 2024-07-02 21:28 – Updated: 2024-10-04 15:02
    VLAI
    Title
    Denial of service due to improper 100-continue handling in net/http
    Summary
    The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 400: Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.21.12 (semver)
    Affected: 1.22.0-0 , < 1.22.5 (semver)
    Create a notification for this product.
    go_standard_library net\/http Affected: 0 , < 1.21.12 (custom)
    Affected: 1.22.0-0 , < 1.22.5 (custom)
        cpe:2.3:a:go_standard_library:net\/http:1.21.12:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Geoff Franks
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:go_standard_library:net\\/http:1.21.12:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "net\\/http",
                "vendor": "go_standard_library",
                "versions": [
                  {
                    "lessThan": "1.21.12",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "1.22.5",
                    "status": "affected",
                    "version": "1.22.0-0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-03T13:39:23.366299Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-03T13:45:59.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-10-04T15:02:46.565Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/591255"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/67555"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2963"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20241004-0004/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "persistConn.readResponse"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Transport.CancelRequest"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.5",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Geoff Franks"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-02T21:28:25.677Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/591255"
            },
            {
              "url": "https://go.dev/issue/67555"
            },
            {
              "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2963"
            }
          ],
          "title": "Denial of service due to improper 100-continue handling in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2024-24791",
        "datePublished": "2024-07-02T21:28:25.677Z",
        "dateReserved": "2024-01-30T16:05:14.758Z",
        "dateUpdated": "2024-10-04T15:02:46.565Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45288 (GCVE-0-2023-45288)

    Vulnerability from nvd – Published: 2024-04-04 20:37 – Updated: 2025-11-04 18:17
    VLAI
    Title
    HTTP/2 CONTINUATION flood in net/http
    Summary
    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.21.9 (semver)
    Affected: 1.22.0-0 , < 1.22.2 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.23.0 (semver)
    Create a notification for this product.
    go_standard_library net\/http Affected: 0 , < 1.21.9 (custom)
    Affected: 1.22.0-0 , < 1.22.2 (custom)
        cpe:2.3:a:go_standard_library:net\/http:*:*:*:*:*:*:*:*
    Create a notification for this product.
    golang http2 Affected: 0 , < 0.23.0 (custom)
        cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Bartek Nowotarski (https://nowotarski.info/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T18:17:43.583Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/65051"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/576155"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2687"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/421644"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:go_standard_library:net\\/http:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "net\\/http",
                "vendor": "go_standard_library",
                "versions": [
                  {
                    "lessThan": "1.21.9",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "1.22.2",
                    "status": "affected",
                    "version": "1.22.0-0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "http2",
                "vendor": "golang",
                "versions": [
                  {
                    "lessThan": "0.23.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-05T17:08:42.212936Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T20:40:01.996Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2Framer.readMetaFrame"
                },
                {
                  "name": "CanonicalHeaderKey"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Cookie.String"
                },
                {
                  "name": "Cookie.Valid"
                },
                {
                  "name": "Dir.Open"
                },
                {
                  "name": "Error"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "HandlerFunc.ServeHTTP"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Header.Add"
                },
                {
                  "name": "Header.Del"
                },
                {
                  "name": "Header.Get"
                },
                {
                  "name": "Header.Set"
                },
                {
                  "name": "Header.Values"
                },
                {
                  "name": "Header.Write"
                },
                {
                  "name": "Header.WriteSubset"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "NewRequest"
                },
                {
                  "name": "NewRequestWithContext"
                },
                {
                  "name": "NotFound"
                },
                {
                  "name": "ParseTime"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "ProxyFromEnvironment"
                },
                {
                  "name": "ReadRequest"
                },
                {
                  "name": "ReadResponse"
                },
                {
                  "name": "Redirect"
                },
                {
                  "name": "Request.AddCookie"
                },
                {
                  "name": "Request.BasicAuth"
                },
                {
                  "name": "Request.FormFile"
                },
                {
                  "name": "Request.FormValue"
                },
                {
                  "name": "Request.MultipartReader"
                },
                {
                  "name": "Request.ParseForm"
                },
                {
                  "name": "Request.ParseMultipartForm"
                },
                {
                  "name": "Request.PostFormValue"
                },
                {
                  "name": "Request.Referer"
                },
                {
                  "name": "Request.SetBasicAuth"
                },
                {
                  "name": "Request.UserAgent"
                },
                {
                  "name": "Request.Write"
                },
                {
                  "name": "Request.WriteProxy"
                },
                {
                  "name": "Response.Cookies"
                },
                {
                  "name": "Response.Location"
                },
                {
                  "name": "Response.Write"
                },
                {
                  "name": "ResponseController.EnableFullDuplex"
                },
                {
                  "name": "ResponseController.Flush"
                },
                {
                  "name": "ResponseController.Hijack"
                },
                {
                  "name": "ResponseController.SetReadDeadline"
                },
                {
                  "name": "ResponseController.SetWriteDeadline"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeContent"
                },
                {
                  "name": "ServeFile"
                },
                {
                  "name": "ServeMux.ServeHTTP"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.Close"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Server.ServeTLS"
                },
                {
                  "name": "Server.SetKeepAlivesEnabled"
                },
                {
                  "name": "Server.Shutdown"
                },
                {
                  "name": "SetCookie"
                },
                {
                  "name": "Transport.CancelRequest"
                },
                {
                  "name": "Transport.Clone"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "body.Close"
                },
                {
                  "name": "body.Read"
                },
                {
                  "name": "bodyEOFSignal.Close"
                },
                {
                  "name": "bodyEOFSignal.Read"
                },
                {
                  "name": "bodyLocked.Read"
                },
                {
                  "name": "bufioFlushWriter.Write"
                },
                {
                  "name": "cancelTimerBody.Close"
                },
                {
                  "name": "cancelTimerBody.Read"
                },
                {
                  "name": "checkConnErrorWriter.Write"
                },
                {
                  "name": "chunkWriter.Write"
                },
                {
                  "name": "connReader.Read"
                },
                {
                  "name": "connectMethodKey.String"
                },
                {
                  "name": "expectContinueReader.Close"
                },
                {
                  "name": "expectContinueReader.Read"
                },
                {
                  "name": "extraHeader.Write"
                },
                {
                  "name": "fileHandler.ServeHTTP"
                },
                {
                  "name": "fileTransport.RoundTrip"
                },
                {
                  "name": "globalOptionsHandler.ServeHTTP"
                },
                {
                  "name": "gzipReader.Close"
                },
                {
                  "name": "gzipReader.Read"
                },
                {
                  "name": "http2ClientConn.Close"
                },
                {
                  "name": "http2ClientConn.Ping"
                },
                {
                  "name": "http2ClientConn.RoundTrip"
                },
                {
                  "name": "http2ClientConn.Shutdown"
                },
                {
                  "name": "http2ConnectionError.Error"
                },
                {
                  "name": "http2ErrCode.String"
                },
                {
                  "name": "http2FrameHeader.String"
                },
                {
                  "name": "http2FrameType.String"
                },
                {
                  "name": "http2FrameWriteRequest.String"
                },
                {
                  "name": "http2Framer.ReadFrame"
                },
                {
                  "name": "http2Framer.WriteContinuation"
                },
                {
                  "name": "http2Framer.WriteData"
                },
                {
                  "name": "http2Framer.WriteDataPadded"
                },
                {
                  "name": "http2Framer.WriteGoAway"
                },
                {
                  "name": "http2Framer.WriteHeaders"
                },
                {
                  "name": "http2Framer.WritePing"
                },
                {
                  "name": "http2Framer.WritePriority"
                },
                {
                  "name": "http2Framer.WritePushPromise"
                },
                {
                  "name": "http2Framer.WriteRSTStream"
                },
                {
                  "name": "http2Framer.WriteRawFrame"
                },
                {
                  "name": "http2Framer.WriteSettings"
                },
                {
                  "name": "http2Framer.WriteSettingsAck"
                },
                {
                  "name": "http2Framer.WriteWindowUpdate"
                },
                {
                  "name": "http2GoAwayError.Error"
                },
                {
                  "name": "http2Server.ServeConn"
                },
                {
                  "name": "http2Setting.String"
                },
                {
                  "name": "http2SettingID.String"
                },
                {
                  "name": "http2SettingsFrame.ForeachSetting"
                },
                {
                  "name": "http2StreamError.Error"
                },
                {
                  "name": "http2Transport.CloseIdleConnections"
                },
                {
                  "name": "http2Transport.NewClientConn"
                },
                {
                  "name": "http2Transport.RoundTrip"
                },
                {
                  "name": "http2Transport.RoundTripOpt"
                },
                {
                  "name": "http2bufferedWriter.Flush"
                },
                {
                  "name": "http2bufferedWriter.Write"
                },
                {
                  "name": "http2chunkWriter.Write"
                },
                {
                  "name": "http2clientConnPool.GetClientConn"
                },
                {
                  "name": "http2connError.Error"
                },
                {
                  "name": "http2dataBuffer.Read"
                },
                {
                  "name": "http2duplicatePseudoHeaderError.Error"
                },
                {
                  "name": "http2gzipReader.Close"
                },
                {
                  "name": "http2gzipReader.Read"
                },
                {
                  "name": "http2headerFieldNameError.Error"
                },
                {
                  "name": "http2headerFieldValueError.Error"
                },
                {
                  "name": "http2noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "http2pipe.Read"
                },
                {
                  "name": "http2priorityWriteScheduler.CloseStream"
                },
                {
                  "name": "http2priorityWriteScheduler.OpenStream"
                },
                {
                  "name": "http2pseudoHeaderError.Error"
                },
                {
                  "name": "http2requestBody.Close"
                },
                {
                  "name": "http2requestBody.Read"
                },
                {
                  "name": "http2responseWriter.Flush"
                },
                {
                  "name": "http2responseWriter.FlushError"
                },
                {
                  "name": "http2responseWriter.Push"
                },
                {
                  "name": "http2responseWriter.SetReadDeadline"
                },
                {
                  "name": "http2responseWriter.SetWriteDeadline"
                },
                {
                  "name": "http2responseWriter.Write"
                },
                {
                  "name": "http2responseWriter.WriteHeader"
                },
                {
                  "name": "http2responseWriter.WriteString"
                },
                {
                  "name": "http2roundRobinWriteScheduler.OpenStream"
                },
                {
                  "name": "http2serverConn.CloseConn"
                },
                {
                  "name": "http2serverConn.Flush"
                },
                {
                  "name": "http2stickyErrWriter.Write"
                },
                {
                  "name": "http2transportResponseBody.Close"
                },
                {
                  "name": "http2transportResponseBody.Read"
                },
                {
                  "name": "http2writeData.String"
                },
                {
                  "name": "initALPNRequest.ServeHTTP"
                },
                {
                  "name": "loggingConn.Close"
                },
                {
                  "name": "loggingConn.Read"
                },
                {
                  "name": "loggingConn.Write"
                },
                {
                  "name": "maxBytesReader.Close"
                },
                {
                  "name": "maxBytesReader.Read"
                },
                {
                  "name": "onceCloseListener.Close"
                },
                {
                  "name": "persistConn.Read"
                },
                {
                  "name": "persistConnWriter.ReadFrom"
                },
                {
                  "name": "persistConnWriter.Write"
                },
                {
                  "name": "populateResponse.Write"
                },
                {
                  "name": "populateResponse.WriteHeader"
                },
                {
                  "name": "readTrackingBody.Close"
                },
                {
                  "name": "readTrackingBody.Read"
                },
                {
                  "name": "readWriteCloserBody.Read"
                },
                {
                  "name": "redirectHandler.ServeHTTP"
                },
                {
                  "name": "response.Flush"
                },
                {
                  "name": "response.FlushError"
                },
                {
                  "name": "response.Hijack"
                },
                {
                  "name": "response.ReadFrom"
                },
                {
                  "name": "response.Write"
                },
                {
                  "name": "response.WriteHeader"
                },
                {
                  "name": "response.WriteString"
                },
                {
                  "name": "serverHandler.ServeHTTP"
                },
                {
                  "name": "socksDialer.DialWithConn"
                },
                {
                  "name": "socksUsernamePassword.Authenticate"
                },
                {
                  "name": "stringWriter.WriteString"
                },
                {
                  "name": "timeoutHandler.ServeHTTP"
                },
                {
                  "name": "timeoutWriter.Write"
                },
                {
                  "name": "timeoutWriter.WriteHeader"
                },
                {
                  "name": "transportReadFromServerError.Error"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.2",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "Framer.readMetaFrame"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.Ping"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "ClientConn.Shutdown"
                },
                {
                  "name": "ConfigureServer"
                },
                {
                  "name": "ConfigureTransport"
                },
                {
                  "name": "ConfigureTransports"
                },
                {
                  "name": "ConnectionError.Error"
                },
                {
                  "name": "ErrCode.String"
                },
                {
                  "name": "FrameHeader.String"
                },
                {
                  "name": "FrameType.String"
                },
                {
                  "name": "FrameWriteRequest.String"
                },
                {
                  "name": "Framer.ReadFrame"
                },
                {
                  "name": "Framer.WriteContinuation"
                },
                {
                  "name": "Framer.WriteData"
                },
                {
                  "name": "Framer.WriteDataPadded"
                },
                {
                  "name": "Framer.WriteGoAway"
                },
                {
                  "name": "Framer.WriteHeaders"
                },
                {
                  "name": "Framer.WritePing"
                },
                {
                  "name": "Framer.WritePriority"
                },
                {
                  "name": "Framer.WritePushPromise"
                },
                {
                  "name": "Framer.WriteRSTStream"
                },
                {
                  "name": "Framer.WriteRawFrame"
                },
                {
                  "name": "Framer.WriteSettings"
                },
                {
                  "name": "Framer.WriteSettingsAck"
                },
                {
                  "name": "Framer.WriteWindowUpdate"
                },
                {
                  "name": "GoAwayError.Error"
                },
                {
                  "name": "ReadFrameHeader"
                },
                {
                  "name": "Server.ServeConn"
                },
                {
                  "name": "Setting.String"
                },
                {
                  "name": "SettingID.String"
                },
                {
                  "name": "SettingsFrame.ForeachSetting"
                },
                {
                  "name": "StreamError.Error"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "bufferedWriter.Flush"
                },
                {
                  "name": "bufferedWriter.Write"
                },
                {
                  "name": "chunkWriter.Write"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "connError.Error"
                },
                {
                  "name": "dataBuffer.Read"
                },
                {
                  "name": "duplicatePseudoHeaderError.Error"
                },
                {
                  "name": "gzipReader.Close"
                },
                {
                  "name": "gzipReader.Read"
                },
                {
                  "name": "headerFieldNameError.Error"
                },
                {
                  "name": "headerFieldValueError.Error"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "pipe.Read"
                },
                {
                  "name": "priorityWriteScheduler.CloseStream"
                },
                {
                  "name": "priorityWriteScheduler.OpenStream"
                },
                {
                  "name": "pseudoHeaderError.Error"
                },
                {
                  "name": "requestBody.Close"
                },
                {
                  "name": "requestBody.Read"
                },
                {
                  "name": "responseWriter.Flush"
                },
                {
                  "name": "responseWriter.FlushError"
                },
                {
                  "name": "responseWriter.Push"
                },
                {
                  "name": "responseWriter.SetReadDeadline"
                },
                {
                  "name": "responseWriter.SetWriteDeadline"
                },
                {
                  "name": "responseWriter.Write"
                },
                {
                  "name": "responseWriter.WriteHeader"
                },
                {
                  "name": "responseWriter.WriteString"
                },
                {
                  "name": "roundRobinWriteScheduler.OpenStream"
                },
                {
                  "name": "serverConn.CloseConn"
                },
                {
                  "name": "serverConn.Flush"
                },
                {
                  "name": "stickyErrWriter.Write"
                },
                {
                  "name": "transportResponseBody.Close"
                },
                {
                  "name": "transportResponseBody.Read"
                },
                {
                  "name": "writeData.String"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.23.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Bartek Nowotarski (https://nowotarski.info/)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-01T17:10:07.754Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/65051"
            },
            {
              "url": "https://go.dev/cl/576155"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2687"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
            }
          ],
          "title": "HTTP/2 CONTINUATION flood in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-45288",
        "datePublished": "2024-04-04T20:37:30.714Z",
        "dateReserved": "2023-10-06T17:06:26.221Z",
        "dateUpdated": "2025-11-04T18:17:43.583Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-45289 (GCVE-0-2023-45289)

    Vulnerability from nvd – Published: 2024-03-05 22:22 – Updated: 2025-02-13 17:14
    VLAI
    Title
    Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
    Summary
    When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.21.8 (semver)
    Affected: 1.22.0-0 , < 1.22.1 (semver)
    Create a notification for this product.
    Go standard library net/http/cookiejar Affected: 0 , < 1.21.8 (semver)
    Affected: 1.22.0-0 , < 1.22.1 (semver)
    Create a notification for this product.
    Credits
    Juho Nurminen of Mattermost
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45289",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-06T16:34:47.460894Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T18:24:28.343Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:15.333Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/65065"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/569340"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2600"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "isDomainOrSubdomain"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.1",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http/cookiejar",
              "product": "net/http/cookiejar",
              "programRoutines": [
                {
                  "name": "isIP"
                },
                {
                  "name": "Jar.Cookies"
                },
                {
                  "name": "Jar.SetCookies"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.1",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Juho Nurminen of Mattermost"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-01T17:09:39.339Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/65065"
            },
            {
              "url": "https://go.dev/cl/569340"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2600"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
            }
          ],
          "title": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-45289",
        "datePublished": "2024-03-05T22:22:30.306Z",
        "dateReserved": "2023-10-06T17:06:26.221Z",
        "dateUpdated": "2025-02-13T17:14:01.755Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39325 (GCVE-0-2023-39325)

    Vulnerability from nvd – Published: 2023-10-11 21:15 – Updated: 2025-02-13 17:02
    VLAI
    Title
    HTTP/2 rapid reset can cause excessive work in net/http
    Summary
    A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.
    Severity
    No CVSS data available.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    References
    URL Tags
    https://go.dev/issue/63417
    https://go.dev/cl/534215
    https://go.dev/cl/534235
    https://groups.google.com/g/golang-announce/c/iNN…
    https://pkg.go.dev/vuln/GO-2023-2102
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://security.netapp.com/advisory/ntap-2023111…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://security.gentoo.org/glsa/202311-09
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.20.10 (semver)
    Affected: 1.21.0-0 , < 1.21.3 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.17.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.746Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/63417"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/534215"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/534235"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-2102"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2serverConn.serve"
                },
                {
                  "name": "http2serverConn.processHeaders"
                },
                {
                  "name": "http2serverConn.upgradeRequest"
                },
                {
                  "name": "http2serverConn.runHandler"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Server.ServeTLS"
                },
                {
                  "name": "http2Server.ServeConn"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.20.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.21.3",
                  "status": "affected",
                  "version": "1.21.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "serverConn.serve"
                },
                {
                  "name": "serverConn.processHeaders"
                },
                {
                  "name": "serverConn.upgradeRequest"
                },
                {
                  "name": "serverConn.runHandler"
                },
                {
                  "name": "Server.ServeConn"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.17.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-28T04:05:57.980Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/63417"
            },
            {
              "url": "https://go.dev/cl/534215"
            },
            {
              "url": "https://go.dev/cl/534235"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-2102"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
            }
          ],
          "title": "HTTP/2 rapid reset can cause excessive work in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-39325",
        "datePublished": "2023-10-11T21:15:02.727Z",
        "dateReserved": "2023-07-27T17:05:55.188Z",
        "dateUpdated": "2025-02-13T17:02:50.341Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-29406 (GCVE-0-2023-29406)

    Vulnerability from nvd – Published: 2023-07-11 19:23 – Updated: 2025-02-13 16:49
    VLAI
    Title
    Insufficient sanitization of Host header in net/http
    Summary
    The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.19.11 (semver)
    Affected: 1.20.0-0 , < 1.20.6 (semver)
    Create a notification for this product.
    Credits
    Bartek Nowotarski
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T14:07:45.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/60374"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/506996"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1878"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230814-0002/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-29406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T15:39:42.813114Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T15:39:53.007Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Request.write"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Request.Write"
                },
                {
                  "name": "Request.WriteProxy"
                },
                {
                  "name": "Transport.CancelRequest"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.19.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.6",
                  "status": "affected",
                  "version": "1.20.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Bartek Nowotarski"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-25T11:09:28.969Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/60374"
            },
            {
              "url": "https://go.dev/cl/506996"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1878"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230814-0002/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            }
          ],
          "title": "Insufficient sanitization of Host header in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-29406",
        "datePublished": "2023-07-11T19:23:58.511Z",
        "dateReserved": "2023-04-05T19:36:35.043Z",
        "dateUpdated": "2025-02-13T16:49:14.579Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41723 (GCVE-0-2022-41723)

    Vulnerability from nvd – Published: 2023-02-28 17:19 – Updated: 2025-05-05 16:12
    VLAI
    Title
    Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
    Summary
    A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 400: Uncontrolled Resource Consumption
    • NVD-CWE-Other
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.19.6 (semver)
    Affected: 1.20.0-0 , < 1.20.1 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.7.0 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2/hpack Affected: 0 , < 0.7.0 (semver)
    Create a notification for this product.
    Credits
    Philippe Antoine (Catena cyber)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.617Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230331-0010/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/57855"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/468135"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/468295"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1571"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.couchbase.com/alerts/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41723",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:26:37.352634Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "NVD-CWE-Other",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:12:28.159Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.ServeTLS"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.19.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.1",
                  "status": "affected",
                  "version": "1.20.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Server.ServeConn"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.Ping"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "ClientConn.Shutdown"
                },
                {
                  "name": "ConfigureServer"
                },
                {
                  "name": "ConfigureTransport"
                },
                {
                  "name": "ConfigureTransports"
                },
                {
                  "name": "ConnectionError.Error"
                },
                {
                  "name": "ErrCode.String"
                },
                {
                  "name": "FrameHeader.String"
                },
                {
                  "name": "FrameType.String"
                },
                {
                  "name": "FrameWriteRequest.String"
                },
                {
                  "name": "Framer.ReadFrame"
                },
                {
                  "name": "Framer.WriteContinuation"
                },
                {
                  "name": "Framer.WriteData"
                },
                {
                  "name": "Framer.WriteDataPadded"
                },
                {
                  "name": "Framer.WriteGoAway"
                },
                {
                  "name": "Framer.WriteHeaders"
                },
                {
                  "name": "Framer.WritePing"
                },
                {
                  "name": "Framer.WritePriority"
                },
                {
                  "name": "Framer.WritePushPromise"
                },
                {
                  "name": "Framer.WriteRSTStream"
                },
                {
                  "name": "Framer.WriteRawFrame"
                },
                {
                  "name": "Framer.WriteSettings"
                },
                {
                  "name": "Framer.WriteSettingsAck"
                },
                {
                  "name": "Framer.WriteWindowUpdate"
                },
                {
                  "name": "GoAwayError.Error"
                },
                {
                  "name": "ReadFrameHeader"
                },
                {
                  "name": "Setting.String"
                },
                {
                  "name": "SettingID.String"
                },
                {
                  "name": "SettingsFrame.ForeachSetting"
                },
                {
                  "name": "StreamError.Error"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "bufferedWriter.Flush"
                },
                {
                  "name": "bufferedWriter.Write"
                },
                {
                  "name": "chunkWriter.Write"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "connError.Error"
                },
                {
                  "name": "dataBuffer.Read"
                },
                {
                  "name": "duplicatePseudoHeaderError.Error"
                },
                {
                  "name": "gzipReader.Close"
                },
                {
                  "name": "gzipReader.Read"
                },
                {
                  "name": "headerFieldNameError.Error"
                },
                {
                  "name": "headerFieldValueError.Error"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "pipe.Read"
                },
                {
                  "name": "priorityWriteScheduler.CloseStream"
                },
                {
                  "name": "priorityWriteScheduler.OpenStream"
                },
                {
                  "name": "pseudoHeaderError.Error"
                },
                {
                  "name": "requestBody.Close"
                },
                {
                  "name": "requestBody.Read"
                },
                {
                  "name": "responseWriter.Flush"
                },
                {
                  "name": "responseWriter.FlushError"
                },
                {
                  "name": "responseWriter.Push"
                },
                {
                  "name": "responseWriter.SetReadDeadline"
                },
                {
                  "name": "responseWriter.SetWriteDeadline"
                },
                {
                  "name": "responseWriter.Write"
                },
                {
                  "name": "responseWriter.WriteHeader"
                },
                {
                  "name": "responseWriter.WriteString"
                },
                {
                  "name": "serverConn.CloseConn"
                },
                {
                  "name": "serverConn.Flush"
                },
                {
                  "name": "stickyErrWriter.Write"
                },
                {
                  "name": "transportResponseBody.Close"
                },
                {
                  "name": "transportResponseBody.Read"
                },
                {
                  "name": "writeData.String"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.7.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2/hpack",
              "product": "golang.org/x/net/http2/hpack",
              "programRoutines": [
                {
                  "name": "Decoder.parseFieldLiteral"
                },
                {
                  "name": "Decoder.readString"
                },
                {
                  "name": "Decoder.DecodeFull"
                },
                {
                  "name": "Decoder.Write"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.7.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Philippe Antoine (Catena cyber)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-25T11:09:48.448Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/57855"
            },
            {
              "url": "https://go.dev/cl/468135"
            },
            {
              "url": "https://go.dev/cl/468295"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1571"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/"
            },
            {
              "url": "https://www.couchbase.com/alerts/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            }
          ],
          "title": "Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41723",
        "datePublished": "2023-02-28T17:19:45.801Z",
        "dateReserved": "2022-09-28T17:00:06.610Z",
        "dateUpdated": "2025-05-05T16:12:28.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41717 (GCVE-0-2022-41717)

    Vulnerability from nvd – Published: 2022-12-08 19:03 – Updated: 2025-02-13 16:33
    VLAI
    Title
    Excessive memory growth in net/http and golang.org/x/net/http2
    Summary
    An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
    Severity
    No CVSS data available.
    CWE
    • CWE 400: Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.18.9 (semver)
    Affected: 1.19.0-0 , < 1.19.4 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.4.0 (semver)
    Create a notification for this product.
    Credits
    Josselin Costanzi
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.657Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230120-0008/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/56350"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/455717"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/455635"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2022-1144"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2serverConn.canonicalHeader"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Server.ServeTLS"
                },
                {
                  "name": "http2Server.ServeConn"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.18.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.4",
                  "status": "affected",
                  "version": "1.19.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "serverConn.canonicalHeader"
                },
                {
                  "name": "Server.ServeConn"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.4.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Josselin Costanzi"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-18T02:06:25.182Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/56350"
            },
            {
              "url": "https://go.dev/cl/455717"
            },
            {
              "url": "https://go.dev/cl/455635"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2022-1144"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
            }
          ],
          "title": "Excessive memory growth in net/http and golang.org/x/net/http2"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41717",
        "datePublished": "2022-12-08T19:03:53.161Z",
        "dateReserved": "2022-09-28T17:00:06.608Z",
        "dateUpdated": "2025-02-13T16:33:08.284Z",
        "requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41720 (GCVE-0-2022-41720)

    Vulnerability from nvd – Published: 2022-12-07 16:11 – Updated: 2025-04-23 15:43
    VLAI
    Title
    Restricted file access on Windows in os and net/http
    Summary
    On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS("C:/tmp").Open("COM1") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS("") has changed. Previously, an empty root was treated equivalently to "/", so os.DirFS("").Open("tmp") would open the path "/tmp". This now returns an error.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library os Affected: 0 , < 1.18.9 (semver)
    Affected: 1.19.0-0 , < 1.19.4 (semver)
    Create a notification for this product.
    Go standard library net/http Affected: 0 , < 1.18.9 (semver)
    Affected: 1.19.0-0 , < 1.19.4 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/56694"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/455716"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2022-1143"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41720",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T15:41:16.852650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T15:43:46.208Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "os",
              "platforms": [
                "windows"
              ],
              "product": "os",
              "programRoutines": [
                {
                  "name": "dirFS.Open"
                },
                {
                  "name": "dirFS.Stat"
                },
                {
                  "name": "DirFS"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.18.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.4",
                  "status": "affected",
                  "version": "1.19.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "platforms": [
                "windows"
              ],
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Dir.Open"
                },
                {
                  "name": "ServeFile"
                },
                {
                  "name": "fileHandler.ServeHTTP"
                },
                {
                  "name": "fileTransport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.18.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.4",
                  "status": "affected",
                  "version": "1.19.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-12T19:05:39.487Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/56694"
            },
            {
              "url": "https://go.dev/cl/455716"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2022-1143"
            }
          ],
          "title": "Restricted file access on Windows in os and net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41720",
        "datePublished": "2022-12-07T16:11:18.867Z",
        "dateReserved": "2022-09-28T17:00:06.609Z",
        "dateUpdated": "2025-04-23T15:43:46.208Z",
        "requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-32148 (GCVE-0-2022-32148)

    Vulnerability from nvd – Published: 2022-08-09 20:18 – Updated: 2026-03-06 19:06
    VLAI
    Title
    Exposure of client IP addresses in net/http
    Summary
    Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.17.12 (semver)
    Affected: 1.18.0-0 , < 1.18.4 (semver)
    Create a notification for this product.
    Credits
    Christian Mehlmauer
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:32:55.971Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/412857"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/53423"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2022-0520"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-32148",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T08:15:49.791308Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T19:06:52.828Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Header.Clone"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.17.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.18.4",
                  "status": "affected",
                  "version": "1.18.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Christian Mehlmauer"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-200: Information Exposure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-12T19:04:32.608Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/412857"
            },
            {
              "url": "https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a"
            },
            {
              "url": "https://go.dev/issue/53423"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2022-0520"
            }
          ],
          "title": "Exposure of client IP addresses in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-32148",
        "datePublished": "2022-08-09T20:18:21.000Z",
        "dateReserved": "2022-05-31T00:00:00.000Z",
        "dateUpdated": "2026-03-06T19:06:52.828Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-1705 (GCVE-0-2022-1705)

    Vulnerability from nvd – Published: 2022-08-09 20:16 – Updated: 2026-03-06 17:46
    VLAI
    Title
    Improper sanitization of Transfer-Encoding headers in net/http
    Summary
    Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.17.12 (semver)
    Affected: 1.18.0-0 , < 1.18.4 (semver)
    Create a notification for this product.
    Credits
    Zeyu Zhang (https://www.zeyu2001.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:10:03.918Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/409874"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/53188"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/410714"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2022-0525"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1705",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-24T20:38:47.035806Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T17:46:56.094Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "transferReader.parseTransferEncoding"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.17.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.18.4",
                  "status": "affected",
                  "version": "1.18.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Zeyu Zhang (https://www.zeyu2001.com/)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-12T19:04:43.089Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/409874"
            },
            {
              "url": "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f"
            },
            {
              "url": "https://go.dev/issue/53188"
            },
            {
              "url": "https://go.dev/cl/410714"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2022-0525"
            }
          ],
          "title": "Improper sanitization of Transfer-Encoding headers in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-1705",
        "datePublished": "2022-08-09T20:16:57.000Z",
        "dateReserved": "2022-05-13T00:00:00.000Z",
        "dateUpdated": "2026-03-06T17:46:56.094Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33814 (GCVE-0-2026-33814)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-08 12:05
    VLAI
    Title
    Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
    Summary
    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Go
    Impacted products
    Vendor Product Version
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.53.0 (semver)
    Create a notification for this product.
    Go standard library net/http Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Cluster Observability Operator 1.5.0     cpe:/a:redhat:cluster_observability_operator:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Credits
    Marwan Atia (marwansamir688@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33814",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T18:00:53.951676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T18:01:02.989Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:cluster_observability_operator:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cluster Observability Operator 1.5.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:17.631Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-606",
                    "description": "Unchecked Input for Loop Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-08T12:05:50.420Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33814"
              },
              {
                "name": "RHBZ#2467815",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34342"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23262"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23264"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23262: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23264: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:11.324Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:17.631Z",
                "value": "Made public."
              }
            ],
            "title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.53.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "http1ClientConn.Close"
                },
                {
                  "name": "http1ClientConn.RoundTrip"
                },
                {
                  "name": "http2Transport.NewClientConn"
                },
                {
                  "name": "http2Transport.RoundTrip"
                },
                {
                  "name": "http2Transport.RoundTripOpt"
                },
                {
                  "name": "http2clientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "http2unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Marwan Atia (marwansamir688@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:17.631Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/761581"
            },
            {
              "url": "https://go.dev/cl/761640"
            },
            {
              "url": "https://go.dev/issue/78476"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4918"
            }
          ],
          "title": "Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33814",
        "datePublished": "2026-05-07T19:41:17.631Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-08T12:05:50.420Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-58186 (GCVE-0-2025-58186)

    Vulnerability from cvelistv5 – Published: 2025-10-29 22:10 – Updated: 2025-11-04 21:13
    VLAI
    Title
    Lack of limit when parsing cookies can cause memory exhaustion in net/http
    Summary
    Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.24.8 (semver)
    Affected: 1.25.0 , < 1.25.2 (semver)
    Create a notification for this product.
    Credits
    jub0bs
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58186",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-30T14:24:44.763207Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-30T14:24:50.235Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:13:35.468Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/10/08/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "ParseCookie"
                },
                {
                  "name": "readSetCookies"
                },
                {
                  "name": "readCookies"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Request.Cookie"
                },
                {
                  "name": "Request.Cookies"
                },
                {
                  "name": "Request.CookiesNamed"
                },
                {
                  "name": "Response.Cookies"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.24.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.25.2",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "jub0bs"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as \"a=;\", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-29T22:10:13.912Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/75672"
            },
            {
              "url": "https://go.dev/cl/709855"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-4012"
            }
          ],
          "title": "Lack of limit when parsing cookies can cause memory exhaustion in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-58186",
        "datePublished": "2025-10-29T22:10:13.912Z",
        "dateReserved": "2025-08-27T14:50:58.691Z",
        "dateUpdated": "2025-11-04T21:13:35.468Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47910 (GCVE-0-2025-47910)

    Vulnerability from cvelistv5 – Published: 2025-09-22 21:01 – Updated: 2025-09-24 13:29
    VLAI
    Title
    CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http
    Summary
    When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 1.25.0 , < 1.25.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47910",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-24T13:29:38.364534Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-24T13:29:45.405Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "CrossOriginProtection.AddInsecureBypassPattern"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.1",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-22T21:01:55.440Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/699275"
            },
            {
              "url": "https://go.dev/issue/75054"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3955"
            }
          ],
          "title": "CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-47910",
        "datePublished": "2025-09-22T21:01:55.440Z",
        "dateReserved": "2025-05-13T23:31:29.597Z",
        "dateUpdated": "2025-09-24T13:29:45.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4673 (GCVE-0-2025-4673)

    Vulnerability from cvelistv5 – Published: 2025-06-11 16:42 – Updated: 2025-06-11 17:59
    VLAI
    Title
    Sensitive headers not cleared on cross-origin redirect in net/http
    Summary
    Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.23.10 (semver)
    Affected: 1.24.0-0 , < 1.24.4 (semver)
    Create a notification for this product.
    Credits
    Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.8,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4673",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T17:59:02.225500Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T17:59:48.033Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Client.makeHeadersCopier"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.23.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.4",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-11T16:42:53.054Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/679257"
            },
            {
              "url": "https://go.dev/issue/73816"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3751"
            }
          ],
          "title": "Sensitive headers not cleared on cross-origin redirect in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-4673",
        "datePublished": "2025-06-11T16:42:53.054Z",
        "dateReserved": "2025-05-13T23:30:53.327Z",
        "dateUpdated": "2025-06-11T17:59:48.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-22870 (GCVE-0-2025-22870)

    Vulnerability from cvelistv5 – Published: 2025-03-12 18:27 – Updated: 2026-04-16 22:39
    VLAI
    Title
    HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
    Summary
    Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.23.7 (semver)
    Affected: 1.24.0-0 , < 1.24.1 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http/httpproxy Affected: 0 , < 0.36.0 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/proxy Affected: 0 , < 0.36.0 (semver)
    Create a notification for this product.
    Credits
    Juho Forsén of Mattermost
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-05-09T20:03:37.043Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/03/07/2"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20250509-0007/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22870",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T16:31:16.493335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-115",
                    "description": "CWE-115 Misinterpretation of Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T16:32:14.847Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "envProxyFunc"
                },
                {
                  "name": "ProxyFromEnvironment"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.23.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.1",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http/httpproxy",
              "product": "golang.org/x/net/http/httpproxy",
              "programRoutines": [
                {
                  "name": "config.useProxy"
                },
                {
                  "name": "domainMatch.match"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.36.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/proxy",
              "product": "golang.org/x/net/proxy",
              "programRoutines": [
                {
                  "name": "PerHost.dialerForRequest"
                },
                {
                  "name": "PerHost.AddFromString"
                },
                {
                  "name": "Dial"
                },
                {
                  "name": "FromEnvironment"
                },
                {
                  "name": "FromEnvironmentUsing"
                },
                {
                  "name": "PerHost.Dial"
                },
                {
                  "name": "PerHost.DialContext"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.36.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Juho Fors\u00e9n of Mattermost"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-115 Misinterpretation of Input",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T22:39:33.619Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/654697"
            },
            {
              "url": "https://go.dev/issue/71984"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3503"
            }
          ],
          "title": "HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-22870",
        "datePublished": "2025-03-12T18:27:59.376Z",
        "dateReserved": "2025-01-08T19:11:42.834Z",
        "dateUpdated": "2026-04-16T22:39:33.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-45336 (GCVE-0-2024-45336)

    Vulnerability from cvelistv5 – Published: 2025-01-28 01:03 – Updated: 2025-09-18 18:41
    VLAI
    Title
    Sensitive headers incorrectly sent after cross-domain redirect in net/http
    Summary
    The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.22.11 (semver)
    Affected: 1.23.0-0 , < 1.23.5 (semver)
    Affected: 1.24.0-0 , < 1.24.0-rc.2 (semver)
    Create a notification for this product.
    Credits
    Kyle Seely
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45336",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:56:59.058895Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:16:38.044Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-21T18:03:31.299Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250221-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Client.do"
                },
                {
                  "name": "Client.makeHeadersCopier"
                },
                {
                  "name": "shouldCopyHeaderOnRedirect"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.22.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.23.5",
                  "status": "affected",
                  "version": "1.23.0-0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.0-rc.2",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Kyle Seely"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-18T18:41:11.116Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/643100"
            },
            {
              "url": "https://go.dev/issue/70530"
            },
            {
              "url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ"
            },
            {
              "url": "https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3420"
            }
          ],
          "title": "Sensitive headers incorrectly sent after cross-domain redirect in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2024-45336",
        "datePublished": "2025-01-28T01:03:24.869Z",
        "dateReserved": "2024-08-27T19:41:58.555Z",
        "dateUpdated": "2025-09-18T18:41:11.116Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24791 (GCVE-0-2024-24791)

    Vulnerability from cvelistv5 – Published: 2024-07-02 21:28 – Updated: 2024-10-04 15:02
    VLAI
    Title
    Denial of service due to improper 100-continue handling in net/http
    Summary
    The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 400: Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.21.12 (semver)
    Affected: 1.22.0-0 , < 1.22.5 (semver)
    Create a notification for this product.
    go_standard_library net\/http Affected: 0 , < 1.21.12 (custom)
    Affected: 1.22.0-0 , < 1.22.5 (custom)
        cpe:2.3:a:go_standard_library:net\/http:1.21.12:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Geoff Franks
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:go_standard_library:net\\/http:1.21.12:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "net\\/http",
                "vendor": "go_standard_library",
                "versions": [
                  {
                    "lessThan": "1.21.12",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "1.22.5",
                    "status": "affected",
                    "version": "1.22.0-0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-03T13:39:23.366299Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-03T13:45:59.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-10-04T15:02:46.565Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/591255"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/67555"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2963"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20241004-0004/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "persistConn.readResponse"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Transport.CancelRequest"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.5",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Geoff Franks"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-02T21:28:25.677Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/591255"
            },
            {
              "url": "https://go.dev/issue/67555"
            },
            {
              "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2963"
            }
          ],
          "title": "Denial of service due to improper 100-continue handling in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2024-24791",
        "datePublished": "2024-07-02T21:28:25.677Z",
        "dateReserved": "2024-01-30T16:05:14.758Z",
        "dateUpdated": "2024-10-04T15:02:46.565Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45288 (GCVE-0-2023-45288)

    Vulnerability from cvelistv5 – Published: 2024-04-04 20:37 – Updated: 2025-11-04 18:17
    VLAI
    Title
    HTTP/2 CONTINUATION flood in net/http
    Summary
    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.21.9 (semver)
    Affected: 1.22.0-0 , < 1.22.2 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.23.0 (semver)
    Create a notification for this product.
    go_standard_library net\/http Affected: 0 , < 1.21.9 (custom)
    Affected: 1.22.0-0 , < 1.22.2 (custom)
        cpe:2.3:a:go_standard_library:net\/http:*:*:*:*:*:*:*:*
    Create a notification for this product.
    golang http2 Affected: 0 , < 0.23.0 (custom)
        cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Bartek Nowotarski (https://nowotarski.info/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T18:17:43.583Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/65051"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/576155"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2687"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/421644"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:go_standard_library:net\\/http:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "net\\/http",
                "vendor": "go_standard_library",
                "versions": [
                  {
                    "lessThan": "1.21.9",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "1.22.2",
                    "status": "affected",
                    "version": "1.22.0-0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "http2",
                "vendor": "golang",
                "versions": [
                  {
                    "lessThan": "0.23.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-05T17:08:42.212936Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T20:40:01.996Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2Framer.readMetaFrame"
                },
                {
                  "name": "CanonicalHeaderKey"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Cookie.String"
                },
                {
                  "name": "Cookie.Valid"
                },
                {
                  "name": "Dir.Open"
                },
                {
                  "name": "Error"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "HandlerFunc.ServeHTTP"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Header.Add"
                },
                {
                  "name": "Header.Del"
                },
                {
                  "name": "Header.Get"
                },
                {
                  "name": "Header.Set"
                },
                {
                  "name": "Header.Values"
                },
                {
                  "name": "Header.Write"
                },
                {
                  "name": "Header.WriteSubset"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "NewRequest"
                },
                {
                  "name": "NewRequestWithContext"
                },
                {
                  "name": "NotFound"
                },
                {
                  "name": "ParseTime"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "ProxyFromEnvironment"
                },
                {
                  "name": "ReadRequest"
                },
                {
                  "name": "ReadResponse"
                },
                {
                  "name": "Redirect"
                },
                {
                  "name": "Request.AddCookie"
                },
                {
                  "name": "Request.BasicAuth"
                },
                {
                  "name": "Request.FormFile"
                },
                {
                  "name": "Request.FormValue"
                },
                {
                  "name": "Request.MultipartReader"
                },
                {
                  "name": "Request.ParseForm"
                },
                {
                  "name": "Request.ParseMultipartForm"
                },
                {
                  "name": "Request.PostFormValue"
                },
                {
                  "name": "Request.Referer"
                },
                {
                  "name": "Request.SetBasicAuth"
                },
                {
                  "name": "Request.UserAgent"
                },
                {
                  "name": "Request.Write"
                },
                {
                  "name": "Request.WriteProxy"
                },
                {
                  "name": "Response.Cookies"
                },
                {
                  "name": "Response.Location"
                },
                {
                  "name": "Response.Write"
                },
                {
                  "name": "ResponseController.EnableFullDuplex"
                },
                {
                  "name": "ResponseController.Flush"
                },
                {
                  "name": "ResponseController.Hijack"
                },
                {
                  "name": "ResponseController.SetReadDeadline"
                },
                {
                  "name": "ResponseController.SetWriteDeadline"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeContent"
                },
                {
                  "name": "ServeFile"
                },
                {
                  "name": "ServeMux.ServeHTTP"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.Close"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Server.ServeTLS"
                },
                {
                  "name": "Server.SetKeepAlivesEnabled"
                },
                {
                  "name": "Server.Shutdown"
                },
                {
                  "name": "SetCookie"
                },
                {
                  "name": "Transport.CancelRequest"
                },
                {
                  "name": "Transport.Clone"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "body.Close"
                },
                {
                  "name": "body.Read"
                },
                {
                  "name": "bodyEOFSignal.Close"
                },
                {
                  "name": "bodyEOFSignal.Read"
                },
                {
                  "name": "bodyLocked.Read"
                },
                {
                  "name": "bufioFlushWriter.Write"
                },
                {
                  "name": "cancelTimerBody.Close"
                },
                {
                  "name": "cancelTimerBody.Read"
                },
                {
                  "name": "checkConnErrorWriter.Write"
                },
                {
                  "name": "chunkWriter.Write"
                },
                {
                  "name": "connReader.Read"
                },
                {
                  "name": "connectMethodKey.String"
                },
                {
                  "name": "expectContinueReader.Close"
                },
                {
                  "name": "expectContinueReader.Read"
                },
                {
                  "name": "extraHeader.Write"
                },
                {
                  "name": "fileHandler.ServeHTTP"
                },
                {
                  "name": "fileTransport.RoundTrip"
                },
                {
                  "name": "globalOptionsHandler.ServeHTTP"
                },
                {
                  "name": "gzipReader.Close"
                },
                {
                  "name": "gzipReader.Read"
                },
                {
                  "name": "http2ClientConn.Close"
                },
                {
                  "name": "http2ClientConn.Ping"
                },
                {
                  "name": "http2ClientConn.RoundTrip"
                },
                {
                  "name": "http2ClientConn.Shutdown"
                },
                {
                  "name": "http2ConnectionError.Error"
                },
                {
                  "name": "http2ErrCode.String"
                },
                {
                  "name": "http2FrameHeader.String"
                },
                {
                  "name": "http2FrameType.String"
                },
                {
                  "name": "http2FrameWriteRequest.String"
                },
                {
                  "name": "http2Framer.ReadFrame"
                },
                {
                  "name": "http2Framer.WriteContinuation"
                },
                {
                  "name": "http2Framer.WriteData"
                },
                {
                  "name": "http2Framer.WriteDataPadded"
                },
                {
                  "name": "http2Framer.WriteGoAway"
                },
                {
                  "name": "http2Framer.WriteHeaders"
                },
                {
                  "name": "http2Framer.WritePing"
                },
                {
                  "name": "http2Framer.WritePriority"
                },
                {
                  "name": "http2Framer.WritePushPromise"
                },
                {
                  "name": "http2Framer.WriteRSTStream"
                },
                {
                  "name": "http2Framer.WriteRawFrame"
                },
                {
                  "name": "http2Framer.WriteSettings"
                },
                {
                  "name": "http2Framer.WriteSettingsAck"
                },
                {
                  "name": "http2Framer.WriteWindowUpdate"
                },
                {
                  "name": "http2GoAwayError.Error"
                },
                {
                  "name": "http2Server.ServeConn"
                },
                {
                  "name": "http2Setting.String"
                },
                {
                  "name": "http2SettingID.String"
                },
                {
                  "name": "http2SettingsFrame.ForeachSetting"
                },
                {
                  "name": "http2StreamError.Error"
                },
                {
                  "name": "http2Transport.CloseIdleConnections"
                },
                {
                  "name": "http2Transport.NewClientConn"
                },
                {
                  "name": "http2Transport.RoundTrip"
                },
                {
                  "name": "http2Transport.RoundTripOpt"
                },
                {
                  "name": "http2bufferedWriter.Flush"
                },
                {
                  "name": "http2bufferedWriter.Write"
                },
                {
                  "name": "http2chunkWriter.Write"
                },
                {
                  "name": "http2clientConnPool.GetClientConn"
                },
                {
                  "name": "http2connError.Error"
                },
                {
                  "name": "http2dataBuffer.Read"
                },
                {
                  "name": "http2duplicatePseudoHeaderError.Error"
                },
                {
                  "name": "http2gzipReader.Close"
                },
                {
                  "name": "http2gzipReader.Read"
                },
                {
                  "name": "http2headerFieldNameError.Error"
                },
                {
                  "name": "http2headerFieldValueError.Error"
                },
                {
                  "name": "http2noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "http2pipe.Read"
                },
                {
                  "name": "http2priorityWriteScheduler.CloseStream"
                },
                {
                  "name": "http2priorityWriteScheduler.OpenStream"
                },
                {
                  "name": "http2pseudoHeaderError.Error"
                },
                {
                  "name": "http2requestBody.Close"
                },
                {
                  "name": "http2requestBody.Read"
                },
                {
                  "name": "http2responseWriter.Flush"
                },
                {
                  "name": "http2responseWriter.FlushError"
                },
                {
                  "name": "http2responseWriter.Push"
                },
                {
                  "name": "http2responseWriter.SetReadDeadline"
                },
                {
                  "name": "http2responseWriter.SetWriteDeadline"
                },
                {
                  "name": "http2responseWriter.Write"
                },
                {
                  "name": "http2responseWriter.WriteHeader"
                },
                {
                  "name": "http2responseWriter.WriteString"
                },
                {
                  "name": "http2roundRobinWriteScheduler.OpenStream"
                },
                {
                  "name": "http2serverConn.CloseConn"
                },
                {
                  "name": "http2serverConn.Flush"
                },
                {
                  "name": "http2stickyErrWriter.Write"
                },
                {
                  "name": "http2transportResponseBody.Close"
                },
                {
                  "name": "http2transportResponseBody.Read"
                },
                {
                  "name": "http2writeData.String"
                },
                {
                  "name": "initALPNRequest.ServeHTTP"
                },
                {
                  "name": "loggingConn.Close"
                },
                {
                  "name": "loggingConn.Read"
                },
                {
                  "name": "loggingConn.Write"
                },
                {
                  "name": "maxBytesReader.Close"
                },
                {
                  "name": "maxBytesReader.Read"
                },
                {
                  "name": "onceCloseListener.Close"
                },
                {
                  "name": "persistConn.Read"
                },
                {
                  "name": "persistConnWriter.ReadFrom"
                },
                {
                  "name": "persistConnWriter.Write"
                },
                {
                  "name": "populateResponse.Write"
                },
                {
                  "name": "populateResponse.WriteHeader"
                },
                {
                  "name": "readTrackingBody.Close"
                },
                {
                  "name": "readTrackingBody.Read"
                },
                {
                  "name": "readWriteCloserBody.Read"
                },
                {
                  "name": "redirectHandler.ServeHTTP"
                },
                {
                  "name": "response.Flush"
                },
                {
                  "name": "response.FlushError"
                },
                {
                  "name": "response.Hijack"
                },
                {
                  "name": "response.ReadFrom"
                },
                {
                  "name": "response.Write"
                },
                {
                  "name": "response.WriteHeader"
                },
                {
                  "name": "response.WriteString"
                },
                {
                  "name": "serverHandler.ServeHTTP"
                },
                {
                  "name": "socksDialer.DialWithConn"
                },
                {
                  "name": "socksUsernamePassword.Authenticate"
                },
                {
                  "name": "stringWriter.WriteString"
                },
                {
                  "name": "timeoutHandler.ServeHTTP"
                },
                {
                  "name": "timeoutWriter.Write"
                },
                {
                  "name": "timeoutWriter.WriteHeader"
                },
                {
                  "name": "transportReadFromServerError.Error"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.2",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "Framer.readMetaFrame"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.Ping"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "ClientConn.Shutdown"
                },
                {
                  "name": "ConfigureServer"
                },
                {
                  "name": "ConfigureTransport"
                },
                {
                  "name": "ConfigureTransports"
                },
                {
                  "name": "ConnectionError.Error"
                },
                {
                  "name": "ErrCode.String"
                },
                {
                  "name": "FrameHeader.String"
                },
                {
                  "name": "FrameType.String"
                },
                {
                  "name": "FrameWriteRequest.String"
                },
                {
                  "name": "Framer.ReadFrame"
                },
                {
                  "name": "Framer.WriteContinuation"
                },
                {
                  "name": "Framer.WriteData"
                },
                {
                  "name": "Framer.WriteDataPadded"
                },
                {
                  "name": "Framer.WriteGoAway"
                },
                {
                  "name": "Framer.WriteHeaders"
                },
                {
                  "name": "Framer.WritePing"
                },
                {
                  "name": "Framer.WritePriority"
                },
                {
                  "name": "Framer.WritePushPromise"
                },
                {
                  "name": "Framer.WriteRSTStream"
                },
                {
                  "name": "Framer.WriteRawFrame"
                },
                {
                  "name": "Framer.WriteSettings"
                },
                {
                  "name": "Framer.WriteSettingsAck"
                },
                {
                  "name": "Framer.WriteWindowUpdate"
                },
                {
                  "name": "GoAwayError.Error"
                },
                {
                  "name": "ReadFrameHeader"
                },
                {
                  "name": "Server.ServeConn"
                },
                {
                  "name": "Setting.String"
                },
                {
                  "name": "SettingID.String"
                },
                {
                  "name": "SettingsFrame.ForeachSetting"
                },
                {
                  "name": "StreamError.Error"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "bufferedWriter.Flush"
                },
                {
                  "name": "bufferedWriter.Write"
                },
                {
                  "name": "chunkWriter.Write"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "connError.Error"
                },
                {
                  "name": "dataBuffer.Read"
                },
                {
                  "name": "duplicatePseudoHeaderError.Error"
                },
                {
                  "name": "gzipReader.Close"
                },
                {
                  "name": "gzipReader.Read"
                },
                {
                  "name": "headerFieldNameError.Error"
                },
                {
                  "name": "headerFieldValueError.Error"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "pipe.Read"
                },
                {
                  "name": "priorityWriteScheduler.CloseStream"
                },
                {
                  "name": "priorityWriteScheduler.OpenStream"
                },
                {
                  "name": "pseudoHeaderError.Error"
                },
                {
                  "name": "requestBody.Close"
                },
                {
                  "name": "requestBody.Read"
                },
                {
                  "name": "responseWriter.Flush"
                },
                {
                  "name": "responseWriter.FlushError"
                },
                {
                  "name": "responseWriter.Push"
                },
                {
                  "name": "responseWriter.SetReadDeadline"
                },
                {
                  "name": "responseWriter.SetWriteDeadline"
                },
                {
                  "name": "responseWriter.Write"
                },
                {
                  "name": "responseWriter.WriteHeader"
                },
                {
                  "name": "responseWriter.WriteString"
                },
                {
                  "name": "roundRobinWriteScheduler.OpenStream"
                },
                {
                  "name": "serverConn.CloseConn"
                },
                {
                  "name": "serverConn.Flush"
                },
                {
                  "name": "stickyErrWriter.Write"
                },
                {
                  "name": "transportResponseBody.Close"
                },
                {
                  "name": "transportResponseBody.Read"
                },
                {
                  "name": "writeData.String"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.23.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Bartek Nowotarski (https://nowotarski.info/)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-01T17:10:07.754Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/65051"
            },
            {
              "url": "https://go.dev/cl/576155"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2687"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
            }
          ],
          "title": "HTTP/2 CONTINUATION flood in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-45288",
        "datePublished": "2024-04-04T20:37:30.714Z",
        "dateReserved": "2023-10-06T17:06:26.221Z",
        "dateUpdated": "2025-11-04T18:17:43.583Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-45289 (GCVE-0-2023-45289)

    Vulnerability from cvelistv5 – Published: 2024-03-05 22:22 – Updated: 2025-02-13 17:14
    VLAI
    Title
    Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
    Summary
    When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.21.8 (semver)
    Affected: 1.22.0-0 , < 1.22.1 (semver)
    Create a notification for this product.
    Go standard library net/http/cookiejar Affected: 0 , < 1.21.8 (semver)
    Affected: 1.22.0-0 , < 1.22.1 (semver)
    Create a notification for this product.
    Credits
    Juho Nurminen of Mattermost
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45289",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-06T16:34:47.460894Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T18:24:28.343Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:15.333Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/65065"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/569340"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2600"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "isDomainOrSubdomain"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.1",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http/cookiejar",
              "product": "net/http/cookiejar",
              "programRoutines": [
                {
                  "name": "isIP"
                },
                {
                  "name": "Jar.Cookies"
                },
                {
                  "name": "Jar.SetCookies"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.1",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Juho Nurminen of Mattermost"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-01T17:09:39.339Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/65065"
            },
            {
              "url": "https://go.dev/cl/569340"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2600"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
            }
          ],
          "title": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-45289",
        "datePublished": "2024-03-05T22:22:30.306Z",
        "dateReserved": "2023-10-06T17:06:26.221Z",
        "dateUpdated": "2025-02-13T17:14:01.755Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39325 (GCVE-0-2023-39325)

    Vulnerability from cvelistv5 – Published: 2023-10-11 21:15 – Updated: 2025-02-13 17:02
    VLAI
    Title
    HTTP/2 rapid reset can cause excessive work in net/http
    Summary
    A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.
    Severity
    No CVSS data available.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    References
    URL Tags
    https://go.dev/issue/63417
    https://go.dev/cl/534215
    https://go.dev/cl/534235
    https://groups.google.com/g/golang-announce/c/iNN…
    https://pkg.go.dev/vuln/GO-2023-2102
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://security.netapp.com/advisory/ntap-2023111…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://security.gentoo.org/glsa/202311-09
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.20.10 (semver)
    Affected: 1.21.0-0 , < 1.21.3 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.17.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.746Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/63417"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/534215"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/534235"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-2102"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2serverConn.serve"
                },
                {
                  "name": "http2serverConn.processHeaders"
                },
                {
                  "name": "http2serverConn.upgradeRequest"
                },
                {
                  "name": "http2serverConn.runHandler"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Server.ServeTLS"
                },
                {
                  "name": "http2Server.ServeConn"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.20.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.21.3",
                  "status": "affected",
                  "version": "1.21.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "serverConn.serve"
                },
                {
                  "name": "serverConn.processHeaders"
                },
                {
                  "name": "serverConn.upgradeRequest"
                },
                {
                  "name": "serverConn.runHandler"
                },
                {
                  "name": "Server.ServeConn"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.17.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-28T04:05:57.980Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/63417"
            },
            {
              "url": "https://go.dev/cl/534215"
            },
            {
              "url": "https://go.dev/cl/534235"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-2102"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
            }
          ],
          "title": "HTTP/2 rapid reset can cause excessive work in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-39325",
        "datePublished": "2023-10-11T21:15:02.727Z",
        "dateReserved": "2023-07-27T17:05:55.188Z",
        "dateUpdated": "2025-02-13T17:02:50.341Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-29406 (GCVE-0-2023-29406)

    Vulnerability from cvelistv5 – Published: 2023-07-11 19:23 – Updated: 2025-02-13 16:49
    VLAI
    Title
    Insufficient sanitization of Host header in net/http
    Summary
    The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.19.11 (semver)
    Affected: 1.20.0-0 , < 1.20.6 (semver)
    Create a notification for this product.
    Credits
    Bartek Nowotarski
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T14:07:45.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/60374"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/506996"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1878"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230814-0002/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-29406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T15:39:42.813114Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T15:39:53.007Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Request.write"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Request.Write"
                },
                {
                  "name": "Request.WriteProxy"
                },
                {
                  "name": "Transport.CancelRequest"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.19.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.6",
                  "status": "affected",
                  "version": "1.20.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Bartek Nowotarski"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-25T11:09:28.969Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/60374"
            },
            {
              "url": "https://go.dev/cl/506996"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1878"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230814-0002/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            }
          ],
          "title": "Insufficient sanitization of Host header in net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-29406",
        "datePublished": "2023-07-11T19:23:58.511Z",
        "dateReserved": "2023-04-05T19:36:35.043Z",
        "dateUpdated": "2025-02-13T16:49:14.579Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41723 (GCVE-0-2022-41723)

    Vulnerability from cvelistv5 – Published: 2023-02-28 17:19 – Updated: 2025-05-05 16:12
    VLAI
    Title
    Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
    Summary
    A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 400: Uncontrolled Resource Consumption
    • NVD-CWE-Other
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.19.6 (semver)
    Affected: 1.20.0-0 , < 1.20.1 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.7.0 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2/hpack Affected: 0 , < 0.7.0 (semver)
    Create a notification for this product.
    Credits
    Philippe Antoine (Catena cyber)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.617Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230331-0010/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/57855"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/468135"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/468295"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1571"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.couchbase.com/alerts/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41723",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:26:37.352634Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "NVD-CWE-Other",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:12:28.159Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.ServeTLS"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.19.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.1",
                  "status": "affected",
                  "version": "1.20.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Server.ServeConn"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.Ping"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "ClientConn.Shutdown"
                },
                {
                  "name": "ConfigureServer"
                },
                {
                  "name": "ConfigureTransport"
                },
                {
                  "name": "ConfigureTransports"
                },
                {
                  "name": "ConnectionError.Error"
                },
                {
                  "name": "ErrCode.String"
                },
                {
                  "name": "FrameHeader.String"
                },
                {
                  "name": "FrameType.String"
                },
                {
                  "name": "FrameWriteRequest.String"
                },
                {
                  "name": "Framer.ReadFrame"
                },
                {
                  "name": "Framer.WriteContinuation"
                },
                {
                  "name": "Framer.WriteData"
                },
                {
                  "name": "Framer.WriteDataPadded"
                },
                {
                  "name": "Framer.WriteGoAway"
                },
                {
                  "name": "Framer.WriteHeaders"
                },
                {
                  "name": "Framer.WritePing"
                },
                {
                  "name": "Framer.WritePriority"
                },
                {
                  "name": "Framer.WritePushPromise"
                },
                {
                  "name": "Framer.WriteRSTStream"
                },
                {
                  "name": "Framer.WriteRawFrame"
                },
                {
                  "name": "Framer.WriteSettings"
                },
                {
                  "name": "Framer.WriteSettingsAck"
                },
                {
                  "name": "Framer.WriteWindowUpdate"
                },
                {
                  "name": "GoAwayError.Error"
                },
                {
                  "name": "ReadFrameHeader"
                },
                {
                  "name": "Setting.String"
                },
                {
                  "name": "SettingID.String"
                },
                {
                  "name": "SettingsFrame.ForeachSetting"
                },
                {
                  "name": "StreamError.Error"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "bufferedWriter.Flush"
                },
                {
                  "name": "bufferedWriter.Write"
                },
                {
                  "name": "chunkWriter.Write"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "connError.Error"
                },
                {
                  "name": "dataBuffer.Read"
                },
                {
                  "name": "duplicatePseudoHeaderError.Error"
                },
                {
                  "name": "gzipReader.Close"
                },
                {
                  "name": "gzipReader.Read"
                },
                {
                  "name": "headerFieldNameError.Error"
                },
                {
                  "name": "headerFieldValueError.Error"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "pipe.Read"
                },
                {
                  "name": "priorityWriteScheduler.CloseStream"
                },
                {
                  "name": "priorityWriteScheduler.OpenStream"
                },
                {
                  "name": "pseudoHeaderError.Error"
                },
                {
                  "name": "requestBody.Close"
                },
                {
                  "name": "requestBody.Read"
                },
                {
                  "name": "responseWriter.Flush"
                },
                {
                  "name": "responseWriter.FlushError"
                },
                {
                  "name": "responseWriter.Push"
                },
                {
                  "name": "responseWriter.SetReadDeadline"
                },
                {
                  "name": "responseWriter.SetWriteDeadline"
                },
                {
                  "name": "responseWriter.Write"
                },
                {
                  "name": "responseWriter.WriteHeader"
                },
                {
                  "name": "responseWriter.WriteString"
                },
                {
                  "name": "serverConn.CloseConn"
                },
                {
                  "name": "serverConn.Flush"
                },
                {
                  "name": "stickyErrWriter.Write"
                },
                {
                  "name": "transportResponseBody.Close"
                },
                {
                  "name": "transportResponseBody.Read"
                },
                {
                  "name": "writeData.String"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.7.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2/hpack",
              "product": "golang.org/x/net/http2/hpack",
              "programRoutines": [
                {
                  "name": "Decoder.parseFieldLiteral"
                },
                {
                  "name": "Decoder.readString"
                },
                {
                  "name": "Decoder.DecodeFull"
                },
                {
                  "name": "Decoder.Write"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.7.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Philippe Antoine (Catena cyber)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-25T11:09:48.448Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/57855"
            },
            {
              "url": "https://go.dev/cl/468135"
            },
            {
              "url": "https://go.dev/cl/468295"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1571"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/"
            },
            {
              "url": "https://www.couchbase.com/alerts/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            }
          ],
          "title": "Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41723",
        "datePublished": "2023-02-28T17:19:45.801Z",
        "dateReserved": "2022-09-28T17:00:06.610Z",
        "dateUpdated": "2025-05-05T16:12:28.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41717 (GCVE-0-2022-41717)

    Vulnerability from cvelistv5 – Published: 2022-12-08 19:03 – Updated: 2025-02-13 16:33
    VLAI
    Title
    Excessive memory growth in net/http and golang.org/x/net/http2
    Summary
    An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
    Severity
    No CVSS data available.
    CWE
    • CWE 400: Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http Affected: 0 , < 1.18.9 (semver)
    Affected: 1.19.0-0 , < 1.19.4 (semver)
    Create a notification for this product.
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.4.0 (semver)
    Create a notification for this product.
    Credits
    Josselin Costanzi
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.657Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230120-0008/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/56350"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/455717"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/455635"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2022-1144"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202311-09"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2serverConn.canonicalHeader"
                },
                {
                  "name": "ListenAndServe"
                },
                {
                  "name": "ListenAndServeTLS"
                },
                {
                  "name": "Serve"
                },
                {
                  "name": "ServeTLS"
                },
                {
                  "name": "Server.ListenAndServe"
                },
                {
                  "name": "Server.ListenAndServeTLS"
                },
                {
                  "name": "Server.Serve"
                },
                {
                  "name": "Server.ServeTLS"
                },
                {
                  "name": "http2Server.ServeConn"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.18.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.4",
                  "status": "affected",
                  "version": "1.19.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "serverConn.canonicalHeader"
                },
                {
                  "name": "Server.ServeConn"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.4.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Josselin Costanzi"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-18T02:06:25.182Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/56350"
            },
            {
              "url": "https://go.dev/cl/455717"
            },
            {
              "url": "https://go.dev/cl/455635"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2022-1144"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202311-09"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
            }
          ],
          "title": "Excessive memory growth in net/http and golang.org/x/net/http2"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41717",
        "datePublished": "2022-12-08T19:03:53.161Z",
        "dateReserved": "2022-09-28T17:00:06.608Z",
        "dateUpdated": "2025-02-13T16:33:08.284Z",
        "requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41720 (GCVE-0-2022-41720)

    Vulnerability from cvelistv5 – Published: 2022-12-07 16:11 – Updated: 2025-04-23 15:43
    VLAI
    Title
    Restricted file access on Windows in os and net/http
    Summary
    On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS("C:/tmp").Open("COM1") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS("") has changed. Previously, an empty root was treated equivalently to "/", so os.DirFS("").Open("tmp") would open the path "/tmp". This now returns an error.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE 22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library os Affected: 0 , < 1.18.9 (semver)
    Affected: 1.19.0-0 , < 1.19.4 (semver)
    Create a notification for this product.
    Go standard library net/http Affected: 0 , < 1.18.9 (semver)
    Affected: 1.19.0-0 , < 1.19.4 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:49:43.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/56694"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/455716"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2022-1143"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41720",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T15:41:16.852650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T15:43:46.208Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "os",
              "platforms": [
                "windows"
              ],
              "product": "os",
              "programRoutines": [
                {
                  "name": "dirFS.Open"
                },
                {
                  "name": "dirFS.Stat"
                },
                {
                  "name": "DirFS"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.18.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.4",
                  "status": "affected",
                  "version": "1.19.0-0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "platforms": [
                "windows"
              ],
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "Dir.Open"
                },
                {
                  "name": "ServeFile"
                },
                {
                  "name": "fileHandler.ServeHTTP"
                },
                {
                  "name": "fileTransport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.18.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.4",
                  "status": "affected",
                  "version": "1.19.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE 22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-12T19:05:39.487Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/56694"
            },
            {
              "url": "https://go.dev/cl/455716"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2022-1143"
            }
          ],
          "title": "Restricted file access on Windows in os and net/http"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2022-41720",
        "datePublished": "2022-12-07T16:11:18.867Z",
        "dateReserved": "2022-09-28T17:00:06.609Z",
        "dateUpdated": "2025-04-23T15:43:46.208Z",
        "requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }