Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net/http: limit canonical header cache by bytes, not entries (CVE-2022-41717) #677

Closed
rcrozean opened this issue Dec 7, 2022 · 2 comments
Closed

net/http: limit canonical header cache by bytes, not entries (CVE-2022-41717) #677

rcrozean opened this issue Dec 7, 2022 · 2 comments
Labels
golang security

Comments

@rcrozean
Copy link
Member

rcrozean commented Dec 7, 2022
edited
Loading

From Goland Security Announcemnt
For additional information for CVE-2022-41717, go to the upstream issue golang/go#56350 and fix commit golang/go@76cad4e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
golang security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rcrozean @markapruett