CVE-2023-39321

Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
Configurations

Configuration 1 (hide)

cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*

History

26 Sep 2024, 18:35

Type Values Removed Values Added
CWE CWE-400

25 Nov 2023, 11:15

Type Values Removed Values Added
References
  • () https://security.gentoo.org/glsa/202311-09 -

04 Nov 2023, 02:07

Type Values Removed Values Added
References (MISC) https://security.netapp.com/advisory/ntap-20231020-0004/ - (MISC) https://security.netapp.com/advisory/ntap-20231020-0004/ - Third Party Advisory

20 Oct 2023, 15:15

Type Values Removed Values Added
References
  • (MISC) https://security.netapp.com/advisory/ntap-20231020-0004/ -

12 Sep 2023, 14:36

Type Values Removed Values Added
CPE cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
References (MISC) https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ - (MISC) https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ - Release Notes
References (MISC) https://go.dev/cl/523039 - (MISC) https://go.dev/cl/523039 - Patch
References (MISC) https://go.dev/issue/62266 - (MISC) https://go.dev/issue/62266 - Issue Tracking
References (MISC) https://pkg.go.dev/vuln/GO-2023-2044 - (MISC) https://pkg.go.dev/vuln/GO-2023-2044 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
First Time Golang go
Golang
CWE NVD-CWE-noinfo

08 Sep 2023, 17:36

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-08 17:15

Updated : 2024-09-26 18:35


NVD link : CVE-2023-39321

Mitre link : CVE-2023-39321

CVE.ORG link : CVE-2023-39321


JSON object : View

Products Affected

golang

  • go
CWE
NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption