http

package standard library

Go to main page

Versions in this module

go1

go1.23rc2

Jul 16, 2024

go1.23rc1

Jun 21, 2024

go1.22.5

Jul 2, 2024

go1.22.4

Jun 4, 2024 GO-2024-2963

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.22.3

May 7, 2024 GO-2024-2963

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.22.2

Apr 3, 2024 GO-2024-2963

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.22.1

Mar 5, 2024 GO-2024-2687 +1 more

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.22.0

Feb 6, 2024 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

Changes in this version

+ func ServeFileFS(w ResponseWriter, r *Request, fsys fs.FS, name string)

type Handler

+ func FileServerFS(root fs.FS) Handler

type Request

+ func (r *Request) PathValue(name string) string

+ func (r *Request) SetPathValue(name, value string)

type RoundTripper

+ func NewFileTransportFS(fsys fs.FS) RoundTripper

go1.22rc2

Jan 24, 2024 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.22rc1

Dec 19, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.12

Jul 2, 2024

go1.21.11

Jun 4, 2024 GO-2024-2963

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.10

May 7, 2024 GO-2024-2963

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.9

Apr 3, 2024 GO-2024-2963

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.8

Mar 5, 2024 GO-2024-2687 +1 more

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.7

Feb 6, 2024 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.6

Jan 9, 2024 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.5

Dec 5, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.4

Nov 7, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.3

Oct 10, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.2

Oct 5, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.1

Sep 6, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21.0

Aug 8, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

Changes in this version

+ var ErrSchemeMismatch = errors.New("http: server gave HTTP response to HTTPS client")

type ProtocolError

+ func (pe *ProtocolError) Is(err error) bool

type ResponseController

+ func (c *ResponseController) EnableFullDuplex() error

go1.21rc4

Aug 2, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21rc3

Jul 14, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21rc2

Jun 21, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.21rc1

Jun 16, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.14

Feb 6, 2024 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.13

Jan 9, 2024 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.12

Dec 5, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.11

Nov 7, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.10

Oct 10, 2023 GO-2024-2600 +2 more

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.9

Oct 5, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.8

Sep 6, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.7

Aug 1, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.6

Jul 11, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.5

Jun 6, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.4

May 2, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.3

Apr 4, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.2

Mar 7, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20.1

Feb 14, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20

Feb 1, 2023 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

Changes in this version

+ type ResponseController struct

+ func NewResponseController(rw ResponseWriter) *ResponseController

+ func (c *ResponseController) Flush() error

+ func (c *ResponseController) Hijack() (net.Conn, *bufio.ReadWriter, error)

+ func (c *ResponseController) SetReadDeadline(deadline time.Time) error

+ func (c *ResponseController) SetWriteDeadline(deadline time.Time) error

type Server

+ DisableGeneralOptionsHandler bool

type Transport

+ OnProxyConnectResponse func(ctx context.Context, proxyURL *url.URL, connectReq *Request, ...) error

go1.20rc3

Jan 12, 2023 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20rc2

Jan 4, 2023 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.20rc1

Dec 7, 2022 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.13

Sep 6, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.12

Aug 1, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.11

Jul 11, 2023 GO-2023-2102 +3 more

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.10

Jun 6, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.9

May 2, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.8

Apr 4, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.7

Mar 7, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.6

Feb 14, 2023 GO-2023-1878 +4 more

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.5

Jan 10, 2023 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.4

Dec 6, 2022 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.3

Nov 1, 2022 GO-2022-1143 +7 more

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.2

Oct 4, 2022 GO-2022-1143 +7 more

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19.1

Sep 6, 2022 GO-2022-1143 +7 more

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19

Aug 2, 2022 GO-2022-0969 +8 more

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

Changes in this version

+ type MaxBytesError struct

+ Limit int64

+ func (e *MaxBytesError) Error() string

go1.19rc2

Jul 12, 2022 GO-2022-0969 +8 more

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19rc1

Jul 6, 2022 GO-2022-0969 +8 more

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.19beta1

Jun 9, 2022 GO-2022-0969 +8 more

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.10

Jan 10, 2023 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.9

Dec 6, 2022 GO-2023-1571 +5 more

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.8

Nov 1, 2022 GO-2022-1143 +7 more

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.7

Oct 4, 2022 GO-2022-1143 +7 more

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.6

Sep 6, 2022 GO-2022-1143 +7 more

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.5

Aug 1, 2022 GO-2022-0969 +8 more

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.4

Jul 12, 2022 GO-2022-0969 +8 more

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.3

Jun 1, 2022 GO-2022-0520 +10 more

GO-2022-0520: Exposure of client IP addresses in net/http

GO-2022-0525: Improper sanitization of Transfer-Encoding headers in net/http

GO-2022-0969: Denial of service in net/http and golang.org/x/net/http2

GO-2022-1143: Restricted file access on Windows in os and net/http

GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

go1.18.2

May 10, 2022 GO-2022-0520 +10 more