Lucene search
K

8 matches found

OSV
OSV
added 2026/05/11 5:44 a.m.11 views

BIT-GOLANG-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

7.5CVSS5.8AI score0.00781EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/07 8:16 p.m.10 views

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

7.5CVSS5.8AI score0.00781EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/07 7:41 p.m.14 views

EUVD-2026-28420

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

5.8AI score0.00781EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/07 7:41 p.m.10 views

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

5.8AI score0.00781EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/07 7:41 p.m.17 views

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

7.5CVSS5.8AI score0.00781EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/07 7:41 p.m.8 views

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

7.5CVSS5.8AI score0.00781EPSS
Exploits0
Snyk
Snyk
added 2026/05/07 7:21 p.m.7 views

Infinite loop

Overview golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. Affected versions of this package are vulnerable to Infinite loop. Go Vulnerability Report: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receiv...

8.7CVSS5.8AI score0.00781EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.8 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which occurs when processing SETTINGS frames. If the value of SETTINGSMAXFRAMESIZE is set to 0, the...

7.5CVSS5.8AI score0.00781EPSS
Exploits0References2
Rows per page
Query Builder