3 matches found
Uncaught Exception
Overview golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. Affected versions of this package are vulnerable to Uncaught Exception due to missing nil check. An attacker can cause the server to panic and potentially disrupt service by sending specially crafted HTTP/2 frames...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-7109-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7109-1 advisory. Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this...
PT-2023-6302
Name of the Vulnerable Software and Affected Versions Go http2 package affected versions not specified Description A malicious HTTP/2 client can cause excessive server resource consumption by rapidly creating requests and immediately resetting them. This allows the attacker to create a new reques...