View all vulnerabilities

CVE-2022-27664

Denial of service in net/http and golang.org/x/net/http2

HTTP/2 server connections can hang forever waiting for a clean shutdown that was preempted by a fatal error. This condition can be exploited by a malicious client to cause a denial of service.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
Score Vector
Affected Versions
stdlib >= 1.19.0-0 < 1.19.1; golang.org/x/net < 0.0.0-20220906165146-f3363e06e74c
Severity
Ecosystem
GO
Publish Date
September 12, 2022
Modified Date
May 20, 2024