Known Vulnerabilities for Hpack by Golang
Listed below are 1 of the newest known vulnerabilities associated with "Hpack" by "Golang".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58226 json | Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded H... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-55204 json | HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpack_dht_insert() with... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54428 json | Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core (5.4.2 and ear... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-47774 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.3... | Not Provided | 2026-06-17 | 2026-06-30 |
| CVE-2026-28898 json | swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them i... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-12043 json | Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threa... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-10725 json | Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no he... | Not Provided | 2026-06-06 | 2026-06-09 |
| CVE-2025-59465 json | A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled... | Not Provided | 2026-01-20 | 2026-06-30 |
| CVE-2022-41723 json | A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial ... | 7.5 - HIGH | 2023-02-28 | 2023-11-25 |