23 matches found
Denial Of Service
golang.org/x/net/http2 is vulnerable to Denial of Service DoS. The vulnerability is due to a missing nil check when processing HTTP/2 frames, where receiving frame types 0x0a through 0x0f can trigger a server panic, causing the application to crash and resulting in a denial of service condition...
CLEANSTART-2026-SM37781 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Multiple security vulnerabilities affect the cert-manager-fips package. Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic See references for individual vulnerability details...
SUSE CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
EUVD-2026-8880
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
AZL-78656 CVE-2026-27141 affecting package buildah 1.41.4-6
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
AZL-78680 CVE-2026-27141 affecting package azurelinux-image-tools 1.2.0-1
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
AZL-78629 CVE-2026-27141 affecting package nmi 1.8.17-6
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
AZL-78659 CVE-2026-27141 affecting package cri-o 1.30.1-1
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
AZL-78653 CVE-2026-27141 affecting package azl-otel-collector 0.127.0-1
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
AZL-78662 CVE-2026-27141 affecting package podman 5.6.1-7
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
UBUNTU-CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141
CVE-2026-27141 involves a panic in responses to certain HTTP/2 frames due to a missing nil check. Concrete details from connected docs show affected packages and versions: ignition-flatcar < 2.22.0-2 and azurelinux-image-tools
CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
CVE-2026-27141
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...
Uncaught Exception
Overview golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. Affected versions of this package are vulnerable to Uncaught Exception due to missing nil check. An attacker can cause the server to panic and potentially disrupt service by sending specially crafted HTTP/2 frames...