[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-31525":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":32,"downstream":33,"duplicates":70,"related":71,"reserved_at":9,"published_at":90,"modified_at":91,"state":92,"summary":93,"references_raw":102,"kevs":162,"epss":163,"epss_history":166,"metrics":413,"affected":426},"CVE-2021-31525","net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-674","Uncontrolled Recursion","The product does not properly control the amount of recursion that takes place,  consuming excessive resources, such as allocated memory or the program stack.","weakness","Draft","Class",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":24,"name":25,"techniques":26},"CAPEC-231","Oversized Serialized Data Payloads",[],[],[29,30,31],"GHSA-h86h-8ppg-mxmh","BIT-golang-2021-31525","GO-2022-0236",[],[34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":35},"SUSE-SU-2021:2082-1",{"_key":37},"SUSE-SU-2021:2085-1",{"_key":39},"OPENSUSE-SU-2021:0904-1",{"_key":41},"OPENSUSE-SU-2024:10808-1",{"_key":43},"OPENSUSE-SU-2024:10809-1",{"_key":45},"RHSA-2021:2704",{"_key":47},"RHSA-2022:0308",{"_key":49},"RHBA-2021:2979",{"_key":51},"RHSA-2021:3076",{"_key":53},"RHSA-2021:4103",{"_key":55},"UBUNTU-CVE-2021-31525",{"_key":57},"MGASA-2021-0369",{"_key":59},"DEBIAN-CVE-2021-31525",{"_key":61},"RHSA-2021:2984",{"_key":63},"RHSA-2021:3248",{"_key":65},"RHSA-2021:3487",{"_key":67},"RHSA-2021:3555",{"_key":69},"RHSA-2021:5072",[],[72,73,74,75,76,77,78,80,82,84,86,88],{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":57},{"_key":79},"CGA-32M8-FVV2-4HW3",{"_key":81},"CGA-8VFR-F579-H7RF",{"_key":83},"CGA-JR87-CVGX-JXJ3",{"_key":85},"CGA-RGV6-MP2V-C8GM",{"_key":87},"CGA-WHHH-P348-MMFX",{"_key":89},"CGA-GP75-G599-6FR2","2021-05-27T12:17:11.000Z","2024-08-03T23:03:33.426Z","Modified",{"cisa_kev":94,"cisa_ransomware":94,"cisa_vendor":9,"epss_severity":95,"epss_score":96,"severity":97,"severity_score":98,"severity_version":99,"severity_source":100,"severity_vector":101,"severity_status":92},false,"low",0.00022,"medium",5.9,"v3.1","nvd","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",[103,113,119,125,130,135,140,145,150,154,158],{"url":104,"sources":105,"tags":108},"https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc",[106,100,107],"cve.org","osv_go",[109,110,111,112],"X Refsource MISC","Mailing List","Third Party Advisory","WEB",{"url":114,"sources":115,"tags":116},"https://github.com/golang/go/issues/45710",[106,100,107],[109,117,118,111,112],"Issue Tracking","Patch",{"url":120,"sources":121,"tags":122},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/",[106,100],[123,124],"Vendor Advisory","X Refsource FEDORA",{"url":126,"sources":127,"tags":128},"https://security.gentoo.org/glsa/202208-02",[106,100,107],[123,129,111,112],"X Refsource GENTOO",{"url":131,"sources":132,"tags":133},"https://nvd.nist.gov/vuln/detail/CVE-2021-31525",[107],[134],"Advisory",{"url":136,"sources":137,"tags":138},"https://github.com/golang/go",[107],[139],"PACKAGE",{"url":141,"sources":142,"tags":143},"https://go.dev/cl/313069",[107],[112,144],"FIX",{"url":146,"sources":147,"tags":148},"https://go.dev/issue/45710",[107],[112,149],"REPORT",{"url":151,"sources":152,"tags":153},"https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9",[107],[112,144],{"url":155,"sources":156,"tags":157},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF",[107],[112],{"url":159,"sources":160,"tags":161},"https://pkg.go.dev/vuln/GO-2022-0236",[107],[112],[],{"date":164,"score":96,"percentile":165},"2026-06-04",0.0625,[167,171,174,177,180,183,186,189,192,195,198,201,204,207,210,214,217,220,223,225,228,231,234,237,239,242,245,248,251,254,257,260,263,266,269,271,274,277,280,283,286,289,292,295,297,300,303,305,308,310,313,315,318,321,323,325,327,329,331,334,337,340,343,345,347,350,352,355,358,361,364,366,368,370,372,375,377,380,383,385,387,390,393,396,398,401,403,405,407,410],{"date":168,"score":169,"percentile":170},"2025-11-04",0.00013,0.01543,{"date":172,"score":169,"percentile":173},"2025-11-05",0.01569,{"date":175,"score":169,"percentile":176},"2025-11-06",0.01585,{"date":178,"score":169,"percentile":179},"2025-11-07",0.01589,{"date":181,"score":169,"percentile":182},"2025-11-08",0.01459,{"date":184,"score":169,"percentile":185},"2025-11-09",0.01457,{"date":187,"score":169,"percentile":188},"2025-11-10",0.01439,{"date":190,"score":169,"percentile":191},"2025-11-11",0.0145,{"date":193,"score":169,"percentile":194},"2025-11-12",0.01458,{"date":196,"score":169,"percentile":197},"2025-11-13",0.01469,{"date":199,"score":169,"percentile":200},"2025-11-14",0.01476,{"date":202,"score":169,"percentile":203},"2025-11-15",0.01496,{"date":205,"score":169,"percentile":206},"2025-11-16",0.01495,{"date":208,"score":169,"percentile":209},"2025-11-17",0.01485,{"date":211,"score":212,"percentile":213},"2025-11-18",0.00849,0.72843,{"date":215,"score":212,"percentile":216},"2025-11-19",0.72851,{"date":218,"score":212,"percentile":219},"2025-11-20",0.72859,{"date":221,"score":169,"percentile":222},"2025-11-21",0.01548,{"date":224,"score":169,"percentile":222},"2025-11-22",{"date":226,"score":169,"percentile":227},"2025-11-23",0.01535,{"date":229,"score":169,"percentile":230},"2025-11-24",0.0153,{"date":232,"score":169,"percentile":233},"2025-11-25",0.01516,{"date":235,"score":169,"percentile":236},"2025-11-26",0.0146,{"date":238,"score":169,"percentile":236},"2025-11-27",{"date":240,"score":169,"percentile":241},"2025-11-28",0.01461,{"date":243,"score":169,"percentile":244},"2025-11-29",0.01498,{"date":246,"score":169,"percentile":247},"2025-11-30",0.0151,{"date":249,"score":169,"percentile":250},"2025-12-01",0.01538,{"date":252,"score":169,"percentile":253},"2025-12-02",0.01532,{"date":255,"score":169,"percentile":256},"2025-12-03",0.01533,{"date":258,"score":169,"percentile":259},"2025-12-04",0.01507,{"date":261,"score":169,"percentile":262},"2025-12-05",0.01518,{"date":264,"score":169,"percentile":265},"2025-12-06",0.01519,{"date":267,"score":169,"percentile":268},"2025-12-07",0.01513,{"date":270,"score":169,"percentile":268},"2025-12-08",{"date":272,"score":169,"percentile":273},"2025-12-09",0.01527,{"date":275,"score":169,"percentile":276},"2025-12-10",0.01542,{"date":278,"score":169,"percentile":279},"2025-12-11",0.01539,{"date":281,"score":169,"percentile":282},"2025-12-12",0.01544,{"date":284,"score":169,"percentile":285},"2025-12-13",0.01528,{"date":287,"score":169,"percentile":288},"2025-12-14",0.01521,{"date":290,"score":169,"percentile":291},"2025-12-15",0.01515,{"date":293,"score":169,"percentile":294},"2025-12-16",0.01526,{"date":296,"score":169,"percentile":227},"2025-12-17",{"date":298,"score":169,"percentile":299},"2025-12-18",0.01531,{"date":301,"score":169,"percentile":302},"2025-12-19",0.01537,{"date":304,"score":169,"percentile":302},"2025-12-20",{"date":306,"score":169,"percentile":307},"2025-12-21",0.01547,{"date":309,"score":169,"percentile":222},"2025-12-22",{"date":311,"score":169,"percentile":312},"2025-12-23",0.01545,{"date":314,"score":169,"percentile":307},"2025-12-24",{"date":316,"score":169,"percentile":317},"2025-12-25",0.01551,{"date":319,"score":169,"percentile":320},"2025-12-26",0.01553,{"date":322,"score":169,"percentile":307},"2025-12-27",{"date":324,"score":169,"percentile":312},"2025-12-28",{"date":326,"score":169,"percentile":302},"2025-12-29",{"date":328,"score":169,"percentile":230},"2025-12-30",{"date":330,"score":169,"percentile":285},"2025-12-31",{"date":332,"score":169,"percentile":333},"2026-01-01",0.01549,{"date":335,"score":169,"percentile":336},"2026-01-02",0.01554,{"date":338,"score":169,"percentile":339},"2026-01-03",0.01556,{"date":341,"score":169,"percentile":342},"2026-01-04",0.01525,{"date":344,"score":169,"percentile":253},"2026-01-05",{"date":346,"score":169,"percentile":273},"2026-01-06",{"date":348,"score":169,"percentile":349},"2026-01-07",0.01534,{"date":351,"score":169,"percentile":222},"2026-01-08",{"date":353,"score":169,"percentile":354},"2026-01-09",0.01563,{"date":356,"score":169,"percentile":357},"2026-01-10",0.01572,{"date":359,"score":169,"percentile":360},"2026-01-11",0.0157,{"date":362,"score":169,"percentile":363},"2026-01-12",0.01552,{"date":365,"score":169,"percentile":222},"2026-01-13",{"date":367,"score":169,"percentile":336},"2026-01-14",{"date":369,"score":169,"percentile":354},"2026-01-15",{"date":371,"score":169,"percentile":357},"2026-01-16",{"date":373,"score":169,"percentile":374},"2026-01-17",0.01576,{"date":376,"score":169,"percentile":176},"2026-01-18",{"date":378,"score":169,"percentile":379},"2026-01-19",0.01575,{"date":381,"score":169,"percentile":382},"2026-01-20",0.01561,{"date":384,"score":169,"percentile":320},"2026-01-21",{"date":386,"score":169,"percentile":336},"2026-01-22",{"date":388,"score":169,"percentile":389},"2026-01-23",0.01567,{"date":391,"score":169,"percentile":392},"2026-01-24",0.01573,{"date":394,"score":169,"percentile":395},"2026-01-25",0.01571,{"date":397,"score":169,"percentile":173},"2026-01-26",{"date":399,"score":169,"percentile":400},"2026-01-27",0.01559,{"date":402,"score":169,"percentile":336},"2026-01-28",{"date":404,"score":169,"percentile":173},"2026-01-29",{"date":406,"score":169,"percentile":392},"2026-01-30",{"date":408,"score":169,"percentile":409},"2026-01-31",0.01591,{"date":411,"score":169,"percentile":412},"2026-02-01",0.01612,[414,424],{"source":100,"cvss_v2_0":415,"cvss_v3_0":9,"cvss_v3_1":420,"cvss_v4_0":9},{"baseScore":416,"baseSeverity":9,"vectorString":417,"impactScore":418,"exploitabilityScore":419},2.6,"AV:N/AC:H/Au:N/C:N/I:N/A:P",2.9,4.9,{"baseScore":98,"baseSeverity":421,"vectorString":101,"impactScore":422,"exploitabilityScore":423},"MEDIUM",6,5.6,{"source":107,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":425,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":9,"vectorString":101,"impactScore":422,"exploitabilityScore":423},[427,435,450,460],{"ecosystem":9,"name":428,"vendor":429,"product":428,"cpe_part":430,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":431},"fedora","fedoraproject","o",[432],{"version":433,"is_range":94,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34","cpe",{"ecosystem":9,"name":436,"vendor":437,"product":436,"cpe_part":438,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":439},"go","golang","a",[440,445],{"version":441,"is_range":442,"range_type":434,"version_start":9,"version_start_type":9,"version_end":443,"version_end_type":444,"fixed_in":9},"lt1.15.12",true,"1.15.12","excluding",{"version":446,"is_range":442,"range_type":434,"version_start":447,"version_start_type":448,"version_end":449,"version_end_type":444,"fixed_in":9},"gte1.16.0_lt1.16.4","1.16.0","including","1.16.4",{"ecosystem":451,"name":452,"vendor":453,"product":454,"cpe_part":9,"purl_type":437,"purl_namespace":453,"purl_name":454,"source":9,"versions":455},"Go","golang.org/x/net","golang.org/x","net",[456],{"version":457,"is_range":442,"range_type":458,"version_start":9,"version_start_type":9,"version_end":459,"version_end_type":444,"fixed_in":9},"lt0_0_0_20210428140749_89ef3d95e781","semver","0.0.0-20210428140749-89ef3d95e781",{"ecosystem":451,"name":461,"vendor":451,"product":461,"cpe_part":9,"purl_type":437,"purl_namespace":9,"purl_name":461,"source":9,"versions":462},"stdlib",[463],{"version":464,"is_range":442,"range_type":458,"version_start":465,"version_start_type":448,"version_end":449,"version_end_type":444,"fixed_in":9},"gte1_16_0_0_lt1_16_4","1.16.0-0"]