CVE-2021-44716
01.01.2022, 05:15
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| golang | go | 𝑥 < 1.16.12 |
| golang | go | 1.17.0 ≤ 𝑥 < 1.17.5 |
| debian | debian_linux | 9.0 |
| netapp | cloud_insights_telegraf | - |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| golang-1.11 |
| ||||||||||||||||||||||
| golang-1.15 |
| ||||||||||||||||||||||
| golang-1.17 |
| ||||||||||||||||||||||
| golang-1.7 |
| ||||||||||||||||||||||
| golang-1.8 |
| ||||||||||||||||||||||
| golang-golang-x-net |
| ||||||||||||||||||||||
| golang-golang-x-net-dev |
| ||||||||||||||||||||||
| google-guest-agent |
|
Amazon Linux Releases
Amazon Package | |||||||
|---|---|---|---|---|---|---|---|
| golang |
| ||||||
| golang-bin |
| ||||||
| golang-docs |
| ||||||
| golang-misc |
| ||||||
| golang-race |
| ||||||
| golang-shared |
| ||||||
| golang-src |
| ||||||
| golang-tests |
|
Azure Linux Releases
Azure Package | |||||
|---|---|---|---|---|---|
| application-gateway-kubernetes-ingress |
| ||||
| buildah |
| ||||
| cf-cli |
| ||||
| cri-o |
| ||||
| csi-driver-lvm |
| ||||
| flannel |
| ||||
| git-lfs |
| ||||
| golang |
| ||||
| jx |
| ||||
| keda |
| ||||
| kube-vip-cloud-provider |
| ||||
| kured |
| ||||
| libcontainers-common |
| ||||
| local-path-provisioner |
| ||||
| moby-buildx |
| ||||
| moby-cli |
| ||||
| moby-engine |
| ||||
| multus |
| ||||
| nmi |
| ||||
| node-problem-detector |
| ||||
| prometheus-node-exporter |
| ||||
| prometheus-process-exporter |
| ||||
| rook |
|
References