GoLang H2c
By the Year
In 2023 there have been 1 vulnerability in GoLang H2c with an average score of 7.5 out of ten. H2c did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 7.50 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new H2c vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent GoLang H2c Security Vulnerabilities
A request smuggling attack is possible when using MaxBytesHandler
CVE-2022-41721
7.5 - High
- January 13, 2023
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.
HTTP Request Smuggling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for GoLang H2c or by GoLang? Click the Watch button to subscribe.
