CVE-2022-41723 Information

Mar 01, 2023 cve

Description

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder sufficient to cause a denial of service from a small number of small requests.

Reference

https://go.dev/cl/468135 https://go.dev/issue/57855 https://go.dev/cl/468295 https://pkg.go.dev/vuln/GO-2023-1571 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E

Share on: