Golang Networking vulnerabilities
2 known vulnerabilities affecting golang/networking.
Total CVEs
2
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-44487HIGHCVSS 7.5KEVPoCfixed in 0.17.02023-10-10
CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
nvd
CVE-2023-3978MEDIUMCVSS 6.1fixed in 0.13.02023-08-02
CVE-2023-3978 [MEDIUM] CWE-79 CVE-2023-3978: Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should b
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
nvd