| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58186 | Lack of limit when parsing cookies can cause memory exhaustion in net/http | Go standard library | net/http | - | - | 2025-10-29 22:10:14 | Deep Dive |
| CVE-2025-47910 | CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http | Go standard library | net/http | - | - | 2025-09-22 21:01:55 | Deep Dive |
| CVE-2025-4673 | Sensitive headers not cleared on cross-origin redirect in net/http | Go standard library | net/http | - | - | 2025-06-11 16:42:53 | Deep Dive |
| CVE-2025-22871 | Request smuggling due to acceptance of invalid chunked data in net/http | Go standard library | net/http/internal | - | - | 2025-04-08 20:04:35 | Deep Dive |
| CVE-2025-22870 | HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net | Go standard library | net/http | 中危 | - | 2025-03-12 18:27:59 | Deep Dive |
| CVE-2024-45336 | Sensitive headers incorrectly sent after cross-domain redirect in net/http | Go standard library | net/http | 高危 | - | 2025-01-28 01:03:25 | Deep Dive |
| CVE-2025-23677 | WordPress HTTP to HTTPS link changer by Eyga.net plugin <= 0.2.4 - CSRF to Stored XSS vulnerability | DSmidge | HTTP to HTTPS link changer by Eyga.net | High | 7.1 | 2025-01-16 20:06:39 | Deep Dive |
| CVE-2024-24791 | Denial of service due to improper 100-continue handling in net/http | Go standard library | net/http | - | - | 2024-07-02 21:28:26 | Deep Dive |
| CVE-2023-45288 | HTTP/2 CONTINUATION flood in net/http | Go standard library | net/http | 高危 | - | 2024-04-04 20:37:31 | Deep Dive |
| CVE-2023-45289 | Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http | Go standard library | net/http | - | - | 2024-03-05 22:22:30 | Deep Dive |
| CVE-2023-39326 | Denial of service via chunk extensions in net/http | Go standard library | net/http/internal | 中危 | - | 2023-12-06 16:27:54 | Deep Dive |
| CVE-2023-39325 | HTTP/2 rapid reset can cause excessive work in net/http | Go standard library | net/http | 高危 | - | 2023-10-11 21:15:03 | Deep Dive |
| CVE-2023-29406 | Insufficient sanitization of Host header in net/http | Go standard library | net/http | 中危 | - | 2023-07-11 19:23:59 | Deep Dive |
| CVE-2022-41723 | Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net | Go standard library | net/http | 高危 | - | 2023-02-28 17:19:46 | Deep Dive |
| CVE-2022-41717 | Excessive memory growth in net/http and golang.org/x/net/http2 | Go standard library | net/http | 中危 | - | 2022-12-08 19:03:53 | Deep Dive |
| CVE-2022-41720 | Restricted file access on Windows in os and net/http | Go standard library | os | 高危 | - | 2022-12-07 16:11:19 | Deep Dive |
| CVE-2022-2880 | Incorrect sanitization of forwarded query parameters in net/http/httputil | Go standard library | net/http/httputil | 高危 | - | 2022-10-14 00:00:00 | Deep Dive |
| CVE-2022-32148 | Exposure of client IP addresses in net/http | Go standard library | net/http | 中危 | - | 2022-08-09 20:18:21 | Deep Dive |
| CVE-2022-1705 | Improper sanitization of Transfer-Encoding headers in net/http | Go standard library | net/http | 中危 | - | 2022-08-09 20:16:57 | Deep Dive |