pkg:Go/golang.org/x/net

All known vulnerabilities

• MEDIUM5.3CVE-2023-44487⚠ KEVnghttp2 - security update
  from 0, < 0.17.0
• CRITICAL9.6CVE-2026-39821Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna
  from 0, < 0.55.0
• HIGH7.5CVE-2026-33814Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
  from 0, < 0.53.0
• HIGH7.5Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
  >= 0.50.0, < 0.51.0
• HIGH7.5HTTP/2 rapid reset can cause excessive work in net/http
  from 0, < 0.17.0
• HIGH7.5HTTP/2 rapid reset can cause excessive work in net/http
  from 0, < 0.17.0
• HIGH7.5Infinite loop due to improper handling of "select" tags in golang.org/x/net/html
  from 0, < 0.0.0-20190125091013-d26f9f9a57f3
• HIGH7.5Infinite loop due to improper handling of "select" tags in golang.org/x/net/html
  from 0, < 0.0.0-20190125091013-d26f9f9a57f3
• HIGH7.5Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
  from 0, < 0.7.0
• HIGH7.5Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
  from 0, < 0.7.0
• HIGH7.5Request smuggling due to improper request handling in golang.org/x/net/http2/h2c
  >= 0.0.0-20220524220425-1d687d428aca, < 0.1.1-0.20221104162952-702349b0e862
• HIGH7.5Request smuggling due to improper request handling in golang.org/x/net/http2/h2c
  >= 0.0.0-20220524220425-1d687d428aca, < 0.1.1-0.20221104162952-702349b0e862
• HIGH7.5Denial of service in net/http and golang.org/x/net/http2
  from 0, < 0.0.0-20220906165146-f3363e06e74c
• HIGH7.5Denial of service in net/http and golang.org/x/net/http2
  from 0, < 0.0.0-20220906165146-f3363e06e74c
• HIGH7.5Infinite loop when parsing inputs in golang.org/x/net/html
  from 0, < 0.0.0-20210520170846-37e1c6afe023
• HIGH7.5Infinite loop when parsing inputs in golang.org/x/net/html
  from 0, < 0.0.0-20210520170846-37e1c6afe023
• HIGH7.5h2o - security update
  from 0, < 0.0.0-20190813141303-74dc4d7220e7
• HIGH7.5h2o - security update
  from 0, < 0.0.0-20190813141303-74dc4d7220e7
• HIGH7.5h2o - security update
  from 0, < 0.0.0-20190813141303-74dc4d7220e7
• HIGH7.5Panic when parsing certain inputs in golang.org/x/net/html
  from 0, < 0.0.0-20190125002852-4b62a64f59f7
• HIGH7.5Panic when parsing certain inputs in golang.org/x/net/html
  from 0, < 0.0.0-20190125002852-4b62a64f59f7
• HIGH7.5Panic when parsing certain inputs in golang.org/x/net/html
  from 0, < 0.0.0-20190125002852-4b62a64f59f7
• HIGH7.5Panic on unconsidered isindex and template combination in golang.org/x/net/html
  from 0, < 0.0.0-20180921000356-2f5d2388922f
• HIGH7.5Incorrect parsing of nested templates in golang.org/x/net/html
  from 0, < 0.0.0-20180925071336-cf3bd585ca2a
• HIGH7.5Panic on unconsidered isindex and template combination in golang.org/x/net/html
  from 0, < 0.0.0-20180921000356-2f5d2388922f
• HIGH7.5Incorrect parsing of nested templates in golang.org/x/net/html
  from 0, < 0.0.0-20180925071336-cf3bd585ca2a
• HIGH7.5Panic when parsing malformed HTML in golang.org/x/net/html
  from 0, < 0.0.0-20180816102801-aaf60122140d
• HIGH7.5Panic when parsing malformed HTML in golang.org/x/net/html
  from 0, < 0.0.0-20180816102801-aaf60122140d
• HIGH7.5Unbounded memory growth in net/http and golang.org/x/net/http2
  from 0, < 0.0.0-20211209124913-491a49abca63
• MEDIUM6.5Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
  from 0, < 0.55.0
• MEDIUM6.5Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
  from 0, < 0.38.0
• MEDIUM6.5Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
  from 0, < 0.38.0
• MEDIUM6.1Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
  from 0, < 0.55.0
• MEDIUM6.1Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html
  from 0, < 0.55.0
• MEDIUM6.1Invoking duplicate attributes can cause XSS in golang.org/x/net/html
  from 0, < 0.55.0
• MEDIUM6.1Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html
  from 0, < 0.55.0
• MEDIUM6.1Improper rendering of text nodes in golang.org/x/net/html
  from 0, < 0.13.0
• MEDIUM6.1Improper rendering of text nodes in golang.org/x/net/html
  from 0, < 0.13.0
• MEDIUM5.9Panic due to large headers in net/http and golang.org/x/net/http/httpguts
  from 0, < 0.0.0-20210428140749-89ef3d95e781
• MEDIUM5.9Panic due to large headers in net/http and golang.org/x/net/http/httpguts
  from 0, < 0.0.0-20210428140749-89ef3d95e781
• MEDIUM5.3Quadratic parsing complexity in golang.org/x/net/html
  from 0, < 0.45.0
• MEDIUM5.3Infinite parsing loop in golang.org/x/net
  from 0, < 0.45.0
• MEDIUM5.3Non-linear parsing of case-insensitive content in golang.org/x/net/html
  from 0, < 0.33.0
• MEDIUM5.3HTTP/2 CONTINUATION flood in net/http
  from 0, < 0.23.0
• MEDIUM5.3HTTP/2 CONTINUATION flood in net/http
  from 0, < 0.23.0
• MEDIUM5.3Excessive memory growth in net/http and golang.org/x/net/http2
  from 0, < 0.4.0
• MEDIUM5.3Excessive memory growth in net/http and golang.org/x/net/http2
  from 0, < 0.4.0
• MEDIUM4.4HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
  from 0, < 0.36.0
• MEDIUM4.4HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
  from 0, < 0.36.0