Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie

Type deb

Namespace debian

Name golang-golang-x-net

Version 1:0.4.0+dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:0.14.0-1

Latest_non_vulnerable_version 1:0.53.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5kkq-5jpf-fqev

vulnerability_id VCID-5kkq-5jpf-fqev

summary Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41717

reference_id

reference_type

scores

value	0.00331
scoring_system	epss
scoring_elements	0.56052
published_at	2026-04-21T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56079
published_at	2026-04-18T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56076
published_at	2026-04-16T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56041
published_at	2026-04-13T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56058
published_at	2026-04-12T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56078
published_at	2026-04-11T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56067
published_at	2026-04-09T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56064
published_at	2026-04-08T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56013
published_at	2026-04-07T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56034
published_at	2026-04-04T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56014
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41717

reference_url

https://cs.opensource.google/go/x/net

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://cs.opensource.google/go/x/net

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://go.dev/cl/455635

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://go.dev/cl/455635

reference_url

https://go.dev/cl/455717

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://go.dev/cl/455717

reference_url

https://go.dev/issue/56350

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://go.dev/issue/56350

reference_url

https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-41717

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-41717

reference_url

https://pkg.go.dev/vuln/GO-2022-1144

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2022-1144

reference_url

https://security.gentoo.org/glsa/202311-09

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202311-09

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2161274
reference_id	2161274
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2161274

reference_url	https://security.gentoo.org/glsa/202409-28
reference_id	GLSA-202409-28
reference_type
scores
url	https://security.gentoo.org/glsa/202409-28

reference_url	https://security.gentoo.org/glsa/202409-29
reference_id	GLSA-202409-29
reference_type
scores
url	https://security.gentoo.org/glsa/202409-29

reference_url	https://access.redhat.com/errata/RHSA-2023:0328
reference_id	RHSA-2023:0328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0328

reference_url	https://access.redhat.com/errata/RHSA-2023:0446
reference_id	RHSA-2023:0446
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0446

reference_url	https://access.redhat.com/errata/RHSA-2023:0584
reference_id	RHSA-2023:0584
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0584

reference_url	https://access.redhat.com/errata/RHSA-2023:0632
reference_id	RHSA-2023:0632
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0632

reference_url	https://access.redhat.com/errata/RHSA-2023:0692
reference_id	RHSA-2023:0692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0692

reference_url	https://access.redhat.com/errata/RHSA-2023:0693
reference_id	RHSA-2023:0693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0693

reference_url	https://access.redhat.com/errata/RHSA-2023:0728
reference_id	RHSA-2023:0728
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0728

reference_url	https://access.redhat.com/errata/RHSA-2023:0769
reference_id	RHSA-2023:0769
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0769

reference_url	https://access.redhat.com/errata/RHSA-2023:0774
reference_id	RHSA-2023:0774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0774

reference_url	https://access.redhat.com/errata/RHSA-2023:0899
reference_id	RHSA-2023:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0899

reference_url	https://access.redhat.com/errata/RHSA-2023:0918
reference_id	RHSA-2023:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0918

reference_url	https://access.redhat.com/errata/RHSA-2023:0930
reference_id	RHSA-2023:0930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0930

reference_url	https://access.redhat.com/errata/RHSA-2023:0931
reference_id	RHSA-2023:0931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0931

reference_url	https://access.redhat.com/errata/RHSA-2023:0932
reference_id	RHSA-2023:0932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0932

reference_url	https://access.redhat.com/errata/RHSA-2023:0934
reference_id	RHSA-2023:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0934

reference_url	https://access.redhat.com/errata/RHSA-2023:1030
reference_id	RHSA-2023:1030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1030

reference_url	https://access.redhat.com/errata/RHSA-2023:1079
reference_id	RHSA-2023:1079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1079

reference_url	https://access.redhat.com/errata/RHSA-2023:1154
reference_id	RHSA-2023:1154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1154

reference_url	https://access.redhat.com/errata/RHSA-2023:1174
reference_id	RHSA-2023:1174
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1174

reference_url	https://access.redhat.com/errata/RHSA-2023:1179
reference_id	RHSA-2023:1179
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1179

reference_url	https://access.redhat.com/errata/RHSA-2023:1181
reference_id	RHSA-2023:1181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1181

reference_url	https://access.redhat.com/errata/RHSA-2023:1268
reference_id	RHSA-2023:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1268

reference_url	https://access.redhat.com/errata/RHSA-2023:1275
reference_id	RHSA-2023:1275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1275

reference_url	https://access.redhat.com/errata/RHSA-2023:1276
reference_id	RHSA-2023:1276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1276

reference_url	https://access.redhat.com/errata/RHSA-2023:1310
reference_id	RHSA-2023:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1310

reference_url	https://access.redhat.com/errata/RHSA-2023:1325
reference_id	RHSA-2023:1325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1325

reference_url	https://access.redhat.com/errata/RHSA-2023:1326
reference_id	RHSA-2023:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1326

reference_url	https://access.redhat.com/errata/RHSA-2023:1327
reference_id	RHSA-2023:1327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1327

reference_url	https://access.redhat.com/errata/RHSA-2023:1328
reference_id	RHSA-2023:1328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1328

reference_url	https://access.redhat.com/errata/RHSA-2023:1329
reference_id	RHSA-2023:1329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1329

reference_url	https://access.redhat.com/errata/RHSA-2023:1372
reference_id	RHSA-2023:1372
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1372

reference_url	https://access.redhat.com/errata/RHSA-2023:1448
reference_id	RHSA-2023:1448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1448

reference_url	https://access.redhat.com/errata/RHSA-2023:1529
reference_id	RHSA-2023:1529
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1529

reference_url	https://access.redhat.com/errata/RHSA-2023:1816
reference_id	RHSA-2023:1816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1816

reference_url	https://access.redhat.com/errata/RHSA-2023:1817
reference_id	RHSA-2023:1817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1817

reference_url	https://access.redhat.com/errata/RHSA-2023:2204
reference_id	RHSA-2023:2204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2204

reference_url	https://access.redhat.com/errata/RHSA-2023:2222
reference_id	RHSA-2023:2222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2222

reference_url	https://access.redhat.com/errata/RHSA-2023:2236
reference_id	RHSA-2023:2236
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2236

reference_url	https://access.redhat.com/errata/RHSA-2023:2253
reference_id	RHSA-2023:2253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2253

reference_url	https://access.redhat.com/errata/RHSA-2023:2282
reference_id	RHSA-2023:2282
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2282

reference_url	https://access.redhat.com/errata/RHSA-2023:2283
reference_id	RHSA-2023:2283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2283

reference_url	https://access.redhat.com/errata/RHSA-2023:2357
reference_id	RHSA-2023:2357
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2357

reference_url	https://access.redhat.com/errata/RHSA-2023:2367
reference_id	RHSA-2023:2367
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2367

reference_url	https://access.redhat.com/errata/RHSA-2023:2758
reference_id	RHSA-2023:2758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2758

reference_url	https://access.redhat.com/errata/RHSA-2023:2780
reference_id	RHSA-2023:2780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2780

reference_url	https://access.redhat.com/errata/RHSA-2023:2802
reference_id	RHSA-2023:2802
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2802

reference_url	https://access.redhat.com/errata/RHSA-2023:2866
reference_id	RHSA-2023:2866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2866

reference_url	https://access.redhat.com/errata/RHSA-2023:3204
reference_id	RHSA-2023:3204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3204

reference_url	https://access.redhat.com/errata/RHSA-2023:3205
reference_id	RHSA-2023:3205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3205

reference_url	https://access.redhat.com/errata/RHSA-2023:3612
reference_id	RHSA-2023:3612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3612

reference_url	https://access.redhat.com/errata/RHSA-2023:3742
reference_id	RHSA-2023:3742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3742

reference_url	https://access.redhat.com/errata/RHSA-2023:3910
reference_id	RHSA-2023:3910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3910

reference_url	https://access.redhat.com/errata/RHSA-2023:3914
reference_id	RHSA-2023:3914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3914

reference_url	https://access.redhat.com/errata/RHSA-2023:4090
reference_id	RHSA-2023:4090
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4090

reference_url	https://access.redhat.com/errata/RHSA-2023:4091
reference_id	RHSA-2023:4091
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4091

reference_url	https://access.redhat.com/errata/RHSA-2023:4470
reference_id	RHSA-2023:4470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4470

reference_url	https://access.redhat.com/errata/RHSA-2023:5982
reference_id	RHSA-2023:5982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5982

reference_url	https://access.redhat.com/errata/RHSA-2023:6420
reference_id	RHSA-2023:6420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6420

reference_url	https://access.redhat.com/errata/RHSA-2023:6818
reference_id	RHSA-2023:6818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6818

reference_url	https://access.redhat.com/errata/RHSA-2024:0746
reference_id	RHSA-2024:0746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0746

reference_url	https://usn.ubuntu.com/6038-1/
reference_id	USN-6038-1
reference_type
scores
url	https://usn.ubuntu.com/6038-1/

reference_url	https://usn.ubuntu.com/6038-2/
reference_id	USN-6038-2
reference_type
scores
url	https://usn.ubuntu.com/6038-2/

fixed_packages

url	pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.4.0%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zyn-rapk-ybe8

vulnerability	VCID-73s2-6cpr-gkdu

vulnerability	VCID-aj2b-56uj-gkar

vulnerability	VCID-asx6-ds7x-6ubz

vulnerability	VCID-g8qg-4g78-pfgn

vulnerability	VCID-k6de-54xk-dkfv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.7.0%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie

purl pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-73s2-6cpr-gkdu

vulnerability	VCID-asx6-ds7x-6ubz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.27.0-2%3Fdistro=trixie

url	pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.47.0-2%3Fdistro=trixie

url	pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.53.0-1%3Fdistro=trixie

aliases CVE-2022-41717, GHSA-xrjj-mj9h-534m

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kkq-5jpf-fqev

url VCID-x54w-scep-kyde

vulnerability_id VCID-x54w-scep-kyde

summary

golang.org/x/net/http2/h2c vulnerable to request smuggling attack
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.

### Specific Go Packages Affected
golang.org/x/net/http2/h2c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41721.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41721

reference_id

reference_type

scores

value	0.00066
scoring_system	epss
scoring_elements	0.20528
published_at	2026-04-18T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20705
published_at	2026-04-02T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20485
published_at	2026-04-07T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20765
published_at	2026-04-04T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20531
published_at	2026-04-16T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20546
published_at	2026-04-13T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20599
published_at	2026-04-12T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20641
published_at	2026-04-11T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20621
published_at	2026-04-09T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20562
published_at	2026-04-08T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22441
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41721

reference_url

https://cs.opensource.google/go/x/net

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cs.opensource.google/go/x/net

reference_url

https://go.dev/cl/447396

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/

url

https://go.dev/cl/447396

reference_url

https://go.dev/issue/56352

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/

url

https://go.dev/issue/56352

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-41721

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-41721

reference_url

https://pkg.go.dev/vuln/GO-2023-1495

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/

url

https://pkg.go.dev/vuln/GO-2023-1495

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2162182
reference_id	2162182
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2162182

reference_url	https://access.redhat.com/errata/RHSA-2023:1326
reference_id	RHSA-2023:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1326

reference_url	https://access.redhat.com/errata/RHSA-2023:4627
reference_id	RHSA-2023:4627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4627

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/

reference_id

X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3H3EWQXM2XL5AGBX6UL443JEJ3GQXJN/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/

reference_id

X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:43:40Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5DXTLLWN6HKI5I35EUZRBISTNZJ75GP/

fixed_packages

url	pkg:deb/debian/golang-golang-x-net@0?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@0%3Fdistro=trixie

url pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie

purl pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zyn-rapk-ybe8

vulnerability	VCID-5kkq-5jpf-fqev

vulnerability	VCID-73s2-6cpr-gkdu

vulnerability	VCID-aj2b-56uj-gkar

vulnerability	VCID-asx6-ds7x-6ubz

vulnerability	VCID-azr4-u36f-pbew

vulnerability	VCID-g8qg-4g78-pfgn

vulnerability	VCID-k6de-54xk-dkfv

vulnerability	VCID-sdd3-35ng-g7a3

vulnerability	VCID-w53f-uad6-gqdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.0%252Bgit20210119.5f4716e%252Bdfsg-4%3Fdistro=trixie

url	pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@1:0.4.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.4.0%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zyn-rapk-ybe8

vulnerability	VCID-73s2-6cpr-gkdu

vulnerability	VCID-aj2b-56uj-gkar

vulnerability	VCID-asx6-ds7x-6ubz

vulnerability	VCID-g8qg-4g78-pfgn

vulnerability	VCID-k6de-54xk-dkfv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.7.0%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie

purl pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-73s2-6cpr-gkdu

vulnerability	VCID-asx6-ds7x-6ubz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.27.0-2%3Fdistro=trixie

url	pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.47.0-2%3Fdistro=trixie

url	pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
purl	pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.53.0-1%3Fdistro=trixie

aliases CVE-2022-41721, GHSA-fxg5-wq6x-vr4w

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x54w-scep-kyde

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.4.0%252Bdfsg-1%3Fdistro=trixie

Package Instance