{"api_version":"1","generated_at":"2026-07-12T22:58:07+00:00","cve":"CVE-2026-33814","urls":{"html":"https://cve.report/CVE-2026-33814","api":"https://cve.report/api/cve/CVE-2026-33814.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-33814","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-33814"},"summary":{"title":"Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net","description":"When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.","state":"PUBLISHED","assigner":"Go","published_at":"2026-05-07 20:16:42","updated_at":"2026-07-10 12:16:41"},"problem_types":["CWE-835","CWE-606","CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')","CWE-606 Unchecked Input for Loop Condition"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"ADP","type":"CVSS","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:23262","name":"https://access.redhat.com/errata/RHSA-2026:23262","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://go.dev/issue/78476","name":"https://go.dev/issue/78476","refsource":"security@golang.org","tags":["Issue Tracking","Mailing List"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://go.dev/cl/761581","name":"https://go.dev/cl/761581","refsource":"security@golang.org","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:34342","name":"https://access.redhat.com/errata/RHSA-2026:34342","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json","name":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:37387","name":"https://access.redhat.com/errata/RHSA-2026:37387","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://go.dev/cl/761640","name":"https://go.dev/cl/761640","refsource":"security@golang.org","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467815","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2467815","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33123","name":"https://access.redhat.com/errata/RHSA-2026:33123","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:23264","name":"https://access.redhat.com/errata/RHSA-2026:23264","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33120","name":"https://access.redhat.com/errata/RHSA-2026:33120","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","name":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","refsource":"security@golang.org","tags":["Release Notes"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33814","name":"https://access.redhat.com/security/cve/CVE-2026-33814","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33142","name":"https://access.redhat.com/errata/RHSA-2026:33142","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://pkg.go.dev/vuln/GO-2026-4918","name":"https://pkg.go.dev/vuln/GO-2026-4918","refsource":"security@golang.org","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33150","name":"https://access.redhat.com/errata/RHSA-2026:33150","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-33814","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33814","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"golang.org/x/net","product":"golang.org/x/net/http2","version":"affected 0.53.0 semver","platforms":[]},{"source":"CNA","vendor":"Go standard library","product":"net/http","version":"affected 1.25.10 semver","platforms":[]},{"source":"CNA","vendor":"Go standard library","product":"net/http","version":"affected 1.26.0-0 1.26.3 semver","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Cluster Observability Operator 1.5.0","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Hardened Images","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.1","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4.22","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Service Mesh 2","version":"","platforms":[]}],"timeline":[{"source":"ADP","time":"2026-05-07T20:01:11.324Z","lang":"en","value":"Reported to Red Hat."},{"source":"ADP","time":"2026-05-07T19:41:17.631Z","lang":"en","value":"Made public."}],"solutions":[{"source":"ADP","title":"","value":"RHSA-2026:34342: Cluster Observability Operator 1.5.0","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:23262: Red Hat Hardened Images","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:23264: Red Hat Hardened Images","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:33120: Red Hat OpenShift Service Mesh 3","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22","time":"","lang":"en"}],"workarounds":[{"source":"ADP","title":"","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.","time":"","lang":"en"}],"exploits":[],"credits":[{"source":"CNA","value":"Marwan Atia (marwansamir688@gmail.com)","lang":"en"}],"nvd_cpes":[{"cve_year":"2026","cve_id":"33814","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"golang","cpe5":"go","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"33814","cve":"CVE-2026-33814","epss":"0.000190000","percentile":"0.052620000","score_date":"2026-05-12","updated_at":"2026-05-13 00:11:54"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2026-33814","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-05-08T18:00:53.951676Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-08T18:01:02.989Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"affected":[{"cpes":["cpe:/a:redhat:cluster_observability_operator:1.5::el9"],"defaultStatus":"affected","product":"Cluster Observability Operator 1.5.0","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:hummingbird:1"],"defaultStatus":"affected","product":"Red Hat Hardened Images","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.1::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3.1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.2::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.3::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3.3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.0::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_data_foundation:4.22::el9"],"defaultStatus":"affected","product":"Red Hat Openshift Data Foundation 4.22","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:enterprise_linux_ai:3"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai"],"defaultStatus":"affected","product":"Red Hat OpenShift AI (RHOAI)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:container_native_virtualization:4"],"defaultStatus":"affected","product":"Red Hat OpenShift Virtualization 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:2"],"defaultStatus":"unaffected","product":"OpenShift Service Mesh 2","vendor":"Red Hat"}],"datePublic":"2026-05-07T19:41:17.631Z","descriptions":[{"lang":"en","value":"A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-606","description":"Unchecked Input for Loop Condition","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-10T12:05:07.682Z","orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-33814"},{"name":"RHBZ#2467815","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467815"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:34342"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:23262"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:23264"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33123"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33142"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33150"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33120"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:37387"}],"solutions":[{"lang":"en","value":"RHSA-2026:34342: Cluster Observability Operator 1.5.0"},{"lang":"en","value":"RHSA-2026:23262: Red Hat Hardened Images"},{"lang":"en","value":"RHSA-2026:23264: Red Hat Hardened Images"},{"lang":"en","value":"RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"},{"lang":"en","value":"RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"},{"lang":"en","value":"RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"},{"lang":"en","value":"RHSA-2026:33120: Red Hat OpenShift Service Mesh 3"},{"lang":"en","value":"RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22"}],"timeline":[{"lang":"en","time":"2026-05-07T20:01:11.324Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-05-07T19:41:17.631Z","value":"Made public."}],"title":"net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"}}],"cna":{"affected":[{"collectionURL":"https://pkg.go.dev","defaultStatus":"unaffected","packageName":"golang.org/x/net/http2","product":"golang.org/x/net/http2","programRoutines":[{"name":"clientConnReadLoop.processSettingsNoWrite"},{"name":"Transport.NewClientConn"},{"name":"Transport.RoundTrip"},{"name":"Transport.RoundTripOpt"},{"name":"clientConnPool.GetClientConn"},{"name":"noDialClientConnPool.GetClientConn"},{"name":"noDialH2RoundTripper.NewClientConn"},{"name":"noDialH2RoundTripper.RoundTrip"},{"name":"unencryptedTransport.RoundTrip"}],"vendor":"golang.org/x/net","versions":[{"lessThan":"0.53.0","status":"affected","version":"0","versionType":"semver"}]},{"collectionURL":"https://pkg.go.dev","defaultStatus":"unaffected","packageName":"net/http","product":"net/http","programRoutines":[{"name":"http2clientConnReadLoop.processSettingsNoWrite"},{"name":"Client.CloseIdleConnections"},{"name":"Client.Do"},{"name":"Client.Get"},{"name":"Client.Head"},{"name":"Client.Post"},{"name":"Client.PostForm"},{"name":"ClientConn.Close"},{"name":"ClientConn.RoundTrip"},{"name":"Get"},{"name":"Head"},{"name":"Post"},{"name":"PostForm"},{"name":"Transport.CloseIdleConnections"},{"name":"Transport.NewClientConn"},{"name":"Transport.RoundTrip"},{"name":"http1ClientConn.Close"},{"name":"http1ClientConn.RoundTrip"},{"name":"http2Transport.NewClientConn"},{"name":"http2Transport.RoundTrip"},{"name":"http2Transport.RoundTripOpt"},{"name":"http2clientConnPool.GetClientConn"},{"name":"http2noDialClientConnPool.GetClientConn"},{"name":"http2noDialH2RoundTripper.NewClientConn"},{"name":"http2noDialH2RoundTripper.RoundTrip"},{"name":"http2unencryptedTransport.RoundTrip"}],"vendor":"Go standard library","versions":[{"lessThan":"1.25.10","status":"affected","version":"0","versionType":"semver"},{"lessThan":"1.26.3","status":"affected","version":"1.26.0-0","versionType":"semver"}]}],"credits":[{"lang":"en","value":"Marwan Atia (marwansamir688@gmail.com)"}],"descriptions":[{"lang":"en","value":"When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."}],"problemTypes":[{"descriptions":[{"description":"CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')","lang":"en"}]}],"providerMetadata":{"dateUpdated":"2026-05-07T19:41:17.631Z","orgId":"1bb62c36-49e3-4200-9d77-64a1400537cc","shortName":"Go"},"references":[{"url":"https://go.dev/cl/761581"},{"url":"https://go.dev/cl/761640"},{"url":"https://go.dev/issue/78476"},{"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"},{"url":"https://pkg.go.dev/vuln/GO-2026-4918"}],"title":"Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"}},"cveMetadata":{"assignerOrgId":"1bb62c36-49e3-4200-9d77-64a1400537cc","assignerShortName":"Go","cveId":"CVE-2026-33814","datePublished":"2026-05-07T19:41:17.631Z","dateReserved":"2026-03-23T20:35:32.814Z","dateUpdated":"2026-07-10T12:05:07.682Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-07 20:16:42","lastModifiedDate":"2026-07-10 12:16:41","problem_types":["CWE-835","CWE-606","CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')","CWE-606 Unchecked Input for Loop Condition"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-08T18:00:53.951676Z","id":"CVE-2026-33814","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.25.10","matchCriteriaId":"1C966EF3-C51C-4239-B5FC-C44A5202FEC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.26.0","versionEndExcluding":"1.26.3","matchCriteriaId":"522E4CD0-2B99-4363-9C78-0BAFD988A2D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*","versionEndExcluding":"0.53.0","matchCriteriaId":"365ED1C8-AAF7-4BA7-949C-6F69AF4CD27E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"33814","Ordinal":"1","Title":"Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FR","CVE":"CVE-2026-33814","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"33814","Ordinal":"1","NoteData":"When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.","Type":"Description","Title":"Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FR"}]}}}