GCVE - cpe:2.3:a:golang.org/x/net:golang.org/x/net/http2/hpack:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:golang.org/x/net:golang.org/x/net/http2/hpack:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Golang.Org/X/Net (`f0b6a2fa-f653-50af-a622-ff3dd5eee8cd`)
Product	Golang.Org/X/Net/Http2/Hpack (`fd1699bb-5e13-5c4e-a464-905dcf380389`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-41723`	vulnerable	2026-06-08 05:48:30.863517	Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Published: 2023-02-28T17:19:45.801Z Updated: 2025-05-05T16:12:28.159Z Open on db.gcve.eu Reference links https://go.dev/issue/57855 https://go.dev/cl/468135 https://go.dev/cl/468295 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://pkg.go.dev/vuln/GO-2023-1571	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.