Information on source package golang-golang-x-net

Available versions

ReleaseVersion
bullseye1:0.0+git20210119.5f4716e+dfsg-4
bookworm1:0.7.0+dfsg-1
trixie1:0.27.0-1
sid1:0.27.0-1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-45338vulnerablevulnerablevulnerablevulnerableAn attacker can craft an input to the Parse functions that would be pr ...
CVE-2023-45288vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn attacker may cause an HTTP/2 endpoint to read arbitrary amounts of ...
CVE-2023-3978vulnerable (no DSA)vulnerable (no DSA)fixedfixedText nodes not in the HTML namespace are incorrectly literally rendere ...
CVE-2022-41723vulnerable (no DSA)fixedfixedfixedA maliciously crafted HTTP/2 stream could cause excessive CPU consumpt ...
CVE-2022-41717vulnerable (no DSA)fixedfixedfixedAn attacker can cause excessive memory growth in a Go server accepting ...
CVE-2022-27664vulnerable (no DSA)fixedfixedfixedIn net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers ca ...
CVE-2021-44716vulnerable (no DSA)fixedfixedfixednet/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontro ...

Resolved issues

BugDescription
CVE-2022-41721A request smuggling attack is possible when using MaxBytesHandler. Whe ...
CVE-2021-33194golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ...
CVE-2021-31525net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote a ...

Search for package or bug name: Reporting problems