Miggo Logo
Miggo Vulnerability Database
CVE-2023-45288

CVE-2023-45288: net/http, x/net/http2: close connections when receiving too many headers

5.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-45288
GHSA ID
GHSA-4v7x-pqxf-cx7m
EPSS Score
0.98397%
CWE
CWE-400
Published
4/4/2024
Updated
5/2/2024
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
net/httpgo< 1.21.91.21.9
golang.org/x/net/http2go< 0.23.00.23.0
net/httpgo>= 1.22.0-0, < 1.22.21.22.2
golang.org/x/netgo< 0.23.00.23.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

*n *tt**k*r m*y **us* *n *TTP/* *n*point to r*** *r*itr*ry *mounts o* *****r **t* *y s*n*in* *n *x**ssiv* num**r o* *ONTINU*TION *r*m*s. M*int*inin* *P**K st*t* r*quir*s p*rsin* *n* pro**ssin* *ll *****RS *n* *ONTINU*TION *r*m*s on * *onn**tion. W**n

Reasoning

No *n*lysis *v*il**l*