3 matches found
Infinite loop
Overview std/net/http is a Go standard library package std/net/http Affected versions of this package are vulnerable to Infinite loop. Go Vulnerability Report: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
Allocation of Resources Without Limits or Throttling
Overview std/net/textproto is a Go standard library package std/net/textproto Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: HTTP and MIME header parsing can allocate large amounts of memory, even when parsing sma...
Improper Certificate Validation
Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Improper Certificate Validation. Go Vulnerability Report: A Windows vulnerability allows attackers to spoof valid certificate chains when the system root store is in use.A...