CVE-2022-27664

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-27664

Severity

Unknown

Description

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

References

https://images.chainguard.dev/security/CGA-mj57-h4mg-wrcj
https://github.com/advisories/GHSA-69cg-p879-7622
https://images.chainguard.dev/security/CGA-pvj7-f64c-vrg8
https://images.chainguard.dev/security/CGA-m633-88j7-cjfm
https://images.chainguard.dev/security/CGA-rfcq-g22p-c4ww
https://images.chainguard.dev/security/CGA-9v59-fc73-h7hh
https://images.chainguard.dev/security/CGA-wm47-77v3-qmqr
https://images.chainguard.dev/security/CGA-fxp3-36mf-h753
https://images.chainguard.dev/security/CGA-pr36-r5p2-v87m
https://images.chainguard.dev/security/CGA-8r46-r7qg-f2w3
https://images.chainguard.dev/security/CGA-3jfv-xpvw-5jx3
https://images.chainguard.dev/security/CGA-g2qp-c233-hmvg
https://images.chainguard.dev/security/CGA-hw5j-h6v6-6j6j
https://images.chainguard.dev/security/CGA-v386-jjm2-xp7r
https://security.gentoo.org/glsa/202209-26
https://security.netapp.com/advisory/ntap-20220923-0004/
https://groups.google.com/g/golang-announce
https://groups.google.com/g/golang-announce/c/x49AQzIVX-s
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/
https://security-tracker.debian.org/tracker/CVE-2022-27664

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2022-27664

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources