Golang Http2
2 CVEs affecting Golang Http2. Latest disclosed: 2026-05-07. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-33814 | High | 7.5 | 2026-05-07 | When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a va… |
CVE-2023-44487 | High | 7.5 | 2023-10-10 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the w… |