CRITICAL9.6CVE-2026-39821Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna from 0
HIGH7.5CVE-2026-33814Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net from 0
HIGH7.5CVE-2022-41723Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net from 0
HIGH7.5Request smuggling due to improper request handling in golang.org/x/net/http2/h2c
from 0, < 1:0.4.0+dfsg-1
HIGH7.5Denial of service in net/http and golang.org/x/net/http2
from 0
HIGH7.5Infinite loop when parsing inputs in golang.org/x/net/html
from 0, < 1:0.0+git20210119.5f4716e+dfsg-4
HIGH7.5Unbounded memory growth in net/http and golang.org/x/net/http2
from 0
MEDIUM6.5Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
from 0
MEDIUM6.5Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
from 0
MEDIUM6.1Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html
from 0
MEDIUM6.1Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html
from 0
MEDIUM6.1Invoking duplicate attributes can cause XSS in golang.org/x/net/html
from 0
MEDIUM6.1Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
from 0
MEDIUM6.1Improper rendering of text nodes in golang.org/x/net/html
from 0
MEDIUM5.9Panic due to large headers in net/http and golang.org/x/net/http/httpguts
from 0, < 1:0.0+git20210119.5f4716e+dfsg-3
MEDIUM5.3Quadratic parsing complexity in golang.org/x/net/html
from 0
MEDIUM5.3Infinite parsing loop in golang.org/x/net
from 0
MEDIUM5.3Non-linear parsing of case-insensitive content in golang.org/x/net/html
from 0
MEDIUM5.3HTTP/2 CONTINUATION flood in net/http
from 0
MEDIUM5.3Excessive memory growth in net/http and golang.org/x/net/http2
from 0