[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-39326":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":84,"related":85,"reserved_at":9,"published_at":295,"modified_at":296,"state":297,"summary":298,"references_raw":307,"kevs":337,"epss":338,"epss_history":341,"metrics":608,"affected":614},"CVE-2023-39326","A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[20,21],"GO-2023-2382","BIT-golang-2023-39326",[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82],{"_key":25},"UBUNTU-CVE-2023-39326",{"_key":27},"SUSE-SU-2023:4708-1",{"_key":29},"SUSE-SU-2023:4709-1",{"_key":31},"SUSE-SU-2023:4930-1",{"_key":33},"SUSE-SU-2023:4931-1",{"_key":35},"OPENSUSE-SU-2024:13491-1",{"_key":37},"OPENSUSE-SU-2024:13492-1",{"_key":39},"MGASA-2023-0349",{"_key":41},"USN-6574-1",{"_key":43},"DEBIAN-CVE-2023-39326",{"_key":45},"RHSA-2023:7200",{"_key":47},"RHSA-2023:7201",{"_key":49},"RHSA-2024:0748",{"_key":51},"RHSA-2024:0880",{"_key":53},"RHSA-2024:0887",{"_key":55},"RHSA-2024:1041",{"_key":57},"RHSA-2024:1131",{"_key":59},"RHSA-2024:1149",{"_key":61},"RHSA-2024:1244",{"_key":63},"RHSA-2024:1640",{"_key":65},"RHSA-2024:2160",{"_key":67},"RHSA-2024:2193",{"_key":69},"RHSA-2024:2245",{"_key":71},"RHSA-2024:2272",{"_key":73},"RHSA-2024:2729",{"_key":75},"RHSA-2024:2730",{"_key":77},"RHSA-2024:2767",{"_key":79},"RHSA-2024:2988",{"_key":81},"RHSA-2024:3352",{"_key":83},"RHSA-2024:3467",[],[86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157,159,161,163,165,167,169,171,173,175,177,179,181,183,185,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293],{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":114},"CGA-23MH-FHF7-GFM6",{"_key":116},"CGA-2C54-93G6-R6GP",{"_key":118},"CGA-2J5W-25M2-3P2H",{"_key":120},"CGA-2MJ6-92VQ-2952",{"_key":122},"CGA-32PR-228R-XRM5",{"_key":124},"CGA-3G94-PJHM-F643",{"_key":126},"CGA-3GHP-9335-7G9V",{"_key":128},"CGA-3R4X-29M7-9PF8",{"_key":130},"CGA-3WV8-P8HR-8XHH",{"_key":132},"CGA-43XG-F7Q7-CJ94",{"_key":134},"CGA-45RV-C54J-Q62M",{"_key":136},"CGA-47M9-8MXG-37X3",{"_key":138},"CGA-4836-6HP4-43QJ",{"_key":140},"CGA-4GHH-P2JM-Q6GM",{"_key":142},"CGA-4H7X-5QHC-R7CF",{"_key":144},"CGA-4MP6-QH9W-QM9P",{"_key":146},"CGA-4P75-PQ63-Q763",{"_key":148},"CGA-4PPX-MJ9G-MV6J",{"_key":150},"CGA-4QV8-7CHQ-9922",{"_key":152},"CGA-575C-RF7W-W3R3",{"_key":154},"CGA-68M7-CHJJ-M82Q",{"_key":156},"CGA-6CVV-2J3X-WPHX",{"_key":158},"CGA-6PCW-M533-J56J",{"_key":160},"CGA-6QF5-V252-GMPM",{"_key":162},"CGA-6VR2-6V82-97MX",{"_key":164},"CGA-72C4-H52W-GWX5",{"_key":166},"CGA-7GP7-8Q8G-VR4X",{"_key":168},"CGA-8PF5-FFGV-882X",{"_key":170},"CGA-8Q65-MGG9-3VG4",{"_key":172},"CGA-8R52-2M2P-4R8H",{"_key":174},"CGA-8XM4-W2QQ-292F",{"_key":176},"CGA-928J-4358-26F4",{"_key":178},"CGA-9FJ3-F43P-JQF9",{"_key":180},"CGA-9JJ3-3X6G-MVQH",{"_key":182},"CGA-9JP5-RM5H-PFR5",{"_key":184},"CGA-9PC7-6XV6-437G",{"_key":186},"CGA-C2X9-FW55-QP6J",{"_key":188},"CGA-C49Q-9M96-MMJQ",{"_key":190},"CGA-C8V6-RCQG-GHJ7",{"_key":192},"CGA-C9HV-WRQX-XR35",{"_key":194},"CGA-CVV7-J92J-X2M4",{"_key":196},"CGA-CWRV-JVMQ-HJPJ",{"_key":198},"CGA-F6WC-XMR8-GQ26",{"_key":200},"CGA-G238-9WMR-5CX9",{"_key":202},"CGA-G29C-GW92-J79R",{"_key":204},"CGA-G437-2FG9-CG67",{"_key":206},"CGA-G56V-X455-F8MX",{"_key":208},"CGA-G6M3-XW88-H3V3",{"_key":210},"CGA-GJWC-RF7C-293C",{"_key":212},"CGA-H2Q7-RP5Q-9CW7",{"_key":214},"CGA-H8H2-464M-2QR4",{"_key":216},"CGA-HQ6Q-F6HW-Q53G",{"_key":218},"CGA-J2HC-CPCV-RX7F",{"_key":220},"CGA-J846-GGX4-45W9",{"_key":222},"CGA-JQX2-WX6W-C7GG",{"_key":224},"CGA-JV32-9M8F-246G",{"_key":226},"CGA-JWQG-QW9H-WGP2",{"_key":228},"CGA-M574-PXR2-XMVG",{"_key":230},"CGA-M8CR-CF3M-5RQ8",{"_key":232},"CGA-P224-3PWV-7978",{"_key":234},"CGA-P22V-WGR7-H7RX",{"_key":236},"CGA-P5H4-P53C-5578",{"_key":238},"CGA-P6R2-RF2H-9RH9",{"_key":240},"CGA-PF38-98C9-XJ4G",{"_key":242},"CGA-PJ28-MCX9-QQXW",{"_key":244},"CGA-PMXF-FWPC-6383",{"_key":246},"CGA-PPHV-JMG8-266G",{"_key":248},"CGA-Q3F5-RVJ4-24R4",{"_key":250},"CGA-Q562-XVXP-8QF5",{"_key":252},"CGA-Q94X-WFHH-GQXV",{"_key":254},"CGA-QG7C-JFC2-R7FG",{"_key":256},"CGA-QGXX-75CC-PQFV",{"_key":258},"CGA-QJR2-CRPW-C3FH",{"_key":260},"CGA-QQ4Q-QXWF-522C",{"_key":262},"CGA-QQCP-XR24-6857",{"_key":264},"CGA-R8R7-99FJ-9GJH",{"_key":266},"CGA-RPV7-JG73-F7H7",{"_key":268},"CGA-RRGP-73VP-GHRM",{"_key":270},"CGA-V3MF-XQP9-MCHP",{"_key":272},"CGA-VC2P-WQ32-66HM",{"_key":274},"CGA-W427-QJ57-3M72",{"_key":276},"CGA-W47P-HHCC-9323",{"_key":278},"CGA-W56G-P85R-8999",{"_key":280},"CGA-W897-PVJ5-979G",{"_key":282},"CGA-WC3X-8J8R-8X3J",{"_key":284},"CGA-WCMV-C5JM-QWCH",{"_key":286},"CGA-WJRW-8PVX-WFH2",{"_key":288},"CGA-X5MP-3WJF-QXW7",{"_key":290},"CGA-X7JX-6VJG-GJGH",{"_key":292},"CGA-X9CX-M8M3-3XF4",{"_key":294},"CGA-68MX-H7CX-55QW","2023-12-06T16:27:53.832Z","2025-02-13T17:02:50.990Z","Modified",{"cisa_kev":299,"cisa_ransomware":299,"cisa_vendor":9,"epss_severity":300,"epss_score":301,"severity":302,"severity_score":303,"severity_version":304,"severity_source":305,"severity_vector":306,"severity_status":297},false,"low",0.00123,"medium",5.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",[308,318,323,329,333],{"url":309,"sources":310,"tags":313},"https://go.dev/issue/64433",[311,305,312],"cve.org","osv_go",[314,315,316,317],"Issue Tracking","Patch","Vendor Advisory","REPORT",{"url":319,"sources":320,"tags":321},"https://go.dev/cl/547335",[311,305,312],[315,322],"FIX",{"url":324,"sources":325,"tags":326},"https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ",[311,305,312],[327,316,328],"Mailing List","WEB",{"url":330,"sources":331,"tags":332},"https://pkg.go.dev/vuln/GO-2023-2382",[311,305],[315,316],{"url":334,"sources":335,"tags":336},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/",[311,305],[],[],{"date":339,"score":301,"percentile":340},"2026-06-04",0.31057,[342,346,349,352,355,358,361,364,367,370,373,376,379,382,385,389,392,395,398,401,404,407,410,413,415,418,421,424,427,430,432,435,437,440,443,446,449,452,455,458,461,464,467,470,473,476,479,482,485,488,490,494,497,500,503,506,509,512,514,517,520,523,526,529,532,535,538,541,544,547,550,553,555,558,561,564,567,570,573,576,579,581,584,587,590,593,596,599,602,605],{"date":343,"score":344,"percentile":345},"2025-11-04",0.00048,0.14484,{"date":347,"score":344,"percentile":348},"2025-11-05",0.14517,{"date":350,"score":344,"percentile":351},"2025-11-06",0.14618,{"date":353,"score":344,"percentile":354},"2025-11-07",0.14627,{"date":356,"score":344,"percentile":357},"2025-11-08",0.14638,{"date":359,"score":344,"percentile":360},"2025-11-09",0.14615,{"date":362,"score":344,"percentile":363},"2025-11-10",0.14579,{"date":365,"score":344,"percentile":366},"2025-11-11",0.14595,{"date":368,"score":344,"percentile":369},"2025-11-12",0.14636,{"date":371,"score":344,"percentile":372},"2025-11-13",0.14663,{"date":374,"score":344,"percentile":375},"2025-11-14",0.1466,{"date":377,"score":344,"percentile":378},"2025-11-15",0.14619,{"date":380,"score":344,"percentile":381},"2025-11-16",0.14616,{"date":383,"score":344,"percentile":384},"2025-11-17",0.14575,{"date":386,"score":387,"percentile":388},"2025-11-18",0.00394,0.5756,{"date":390,"score":387,"percentile":391},"2025-11-19",0.57577,{"date":393,"score":387,"percentile":394},"2025-11-20",0.57568,{"date":396,"score":344,"percentile":397},"2025-11-21",0.14598,{"date":399,"score":344,"percentile":400},"2025-11-22",0.1458,{"date":402,"score":344,"percentile":403},"2025-11-23",0.14563,{"date":405,"score":344,"percentile":406},"2025-11-24",0.14533,{"date":408,"score":344,"percentile":409},"2025-11-25",0.14528,{"date":411,"score":344,"percentile":412},"2025-11-26",0.14522,{"date":414,"score":344,"percentile":406},"2025-11-27",{"date":416,"score":344,"percentile":417},"2025-11-28",0.14513,{"date":419,"score":344,"percentile":420},"2025-11-29",0.14501,{"date":422,"score":344,"percentile":423},"2025-11-30",0.14506,{"date":425,"score":344,"percentile":426},"2025-12-01",0.14539,{"date":428,"score":344,"percentile":429},"2025-12-02",0.14556,{"date":431,"score":344,"percentile":363},"2025-12-03",{"date":433,"score":344,"percentile":434},"2025-12-04",0.14555,{"date":436,"score":344,"percentile":351},"2025-12-05",{"date":438,"score":344,"percentile":439},"2025-12-06",0.14634,{"date":441,"score":344,"percentile":442},"2025-12-07",0.14614,{"date":444,"score":344,"percentile":445},"2025-12-08",0.14624,{"date":447,"score":344,"percentile":448},"2025-12-09",0.14682,{"date":450,"score":344,"percentile":451},"2025-12-10",0.14756,{"date":453,"score":344,"percentile":454},"2025-12-11",0.14781,{"date":456,"score":344,"percentile":457},"2025-12-12",0.14828,{"date":459,"score":344,"percentile":460},"2025-12-13",0.14836,{"date":462,"score":344,"percentile":463},"2025-12-14",0.14789,{"date":465,"score":344,"percentile":466},"2025-12-15",0.14753,{"date":468,"score":344,"percentile":469},"2025-12-16",0.1478,{"date":471,"score":344,"percentile":472},"2025-12-17",0.14876,{"date":474,"score":344,"percentile":475},"2025-12-18",0.14933,{"date":477,"score":344,"percentile":478},"2025-12-19",0.14974,{"date":480,"score":344,"percentile":481},"2025-12-20",0.14947,{"date":483,"score":344,"percentile":484},"2025-12-21",0.14914,{"date":486,"score":344,"percentile":487},"2025-12-22",0.14868,{"date":489,"score":344,"percentile":487},"2025-12-23",{"date":491,"score":492,"percentile":493},"2025-12-24",0.00064,0.20318,{"date":495,"score":492,"percentile":496},"2025-12-25",0.20404,{"date":498,"score":492,"percentile":499},"2025-12-26",0.20397,{"date":501,"score":492,"percentile":502},"2025-12-27",0.20394,{"date":504,"score":492,"percentile":505},"2025-12-28",0.20356,{"date":507,"score":492,"percentile":508},"2025-12-29",0.20313,{"date":510,"score":492,"percentile":511},"2025-12-30",0.20299,{"date":513,"score":492,"percentile":505},"2025-12-31",{"date":515,"score":492,"percentile":516},"2026-01-01",0.20452,{"date":518,"score":492,"percentile":519},"2026-01-02",0.20456,{"date":521,"score":492,"percentile":522},"2026-01-03",0.20443,{"date":524,"score":492,"percentile":525},"2026-01-04",0.20349,{"date":527,"score":492,"percentile":528},"2026-01-05",0.20343,{"date":530,"score":492,"percentile":531},"2026-01-06",0.20357,{"date":533,"score":492,"percentile":534},"2026-01-07",0.2039,{"date":536,"score":492,"percentile":537},"2026-01-08",0.20432,{"date":539,"score":492,"percentile":540},"2026-01-09",0.20434,{"date":542,"score":492,"percentile":543},"2026-01-10",0.20427,{"date":545,"score":492,"percentile":546},"2026-01-11",0.20396,{"date":548,"score":492,"percentile":549},"2026-01-12",0.20359,{"date":551,"score":492,"percentile":552},"2026-01-13",0.20338,{"date":554,"score":492,"percentile":546},"2026-01-14",{"date":556,"score":492,"percentile":557},"2026-01-15",0.20399,{"date":559,"score":492,"percentile":560},"2026-01-16",0.2043,{"date":562,"score":492,"percentile":563},"2026-01-17",0.20438,{"date":565,"score":492,"percentile":566},"2026-01-18",0.20387,{"date":568,"score":492,"percentile":569},"2026-01-19",0.20346,{"date":571,"score":492,"percentile":572},"2026-01-20",0.20326,{"date":574,"score":492,"percentile":575},"2026-01-21",0.20286,{"date":577,"score":492,"percentile":578},"2026-01-22",0.20264,{"date":580,"score":492,"percentile":549},"2026-01-23",{"date":582,"score":492,"percentile":583},"2026-01-24",0.20381,{"date":585,"score":492,"percentile":586},"2026-01-25",0.20308,{"date":588,"score":492,"percentile":589},"2026-01-26",0.20203,{"date":591,"score":492,"percentile":592},"2026-01-27",0.20194,{"date":594,"score":492,"percentile":595},"2026-01-28",0.20195,{"date":597,"score":492,"percentile":598},"2026-01-29",0.20155,{"date":600,"score":492,"percentile":601},"2026-01-30",0.20158,{"date":603,"score":492,"percentile":604},"2026-01-31",0.20164,{"date":606,"score":492,"percentile":607},"2026-02-01",0.20191,[609],{"source":305,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":610,"cvss_v4_0":9},{"baseScore":303,"baseSeverity":611,"vectorString":306,"impactScore":612,"exploitabilityScore":613},"MEDIUM",2.3,10,[615,630,639],{"ecosystem":9,"name":616,"vendor":617,"product":616,"cpe_part":618,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":619},"net/http/internal","go standard library","a",[620,625],{"version":621,"is_range":622,"range_type":311,"version_start":9,"version_start_type":9,"version_end":623,"version_end_type":624,"fixed_in":9},"\u003C 1.20.12",true,"1.20.12","excluding",{"version":626,"is_range":622,"range_type":311,"version_start":627,"version_start_type":628,"version_end":629,"version_end_type":624,"fixed_in":9},">= 1.21.0-0, \u003C 1.21.5","1.21.0-0","including","1.21.5",{"ecosystem":9,"name":631,"vendor":632,"product":631,"cpe_part":618,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":633},"go","golang",[634,637],{"version":635,"is_range":622,"range_type":636,"version_start":9,"version_start_type":9,"version_end":623,"version_end_type":624,"fixed_in":9},"lt1.20.12","cpe",{"version":638,"is_range":622,"range_type":636,"version_start":627,"version_start_type":628,"version_end":629,"version_end_type":624,"fixed_in":9},"gte1.21.0-0_lt1.21.5",{"ecosystem":640,"name":641,"vendor":640,"product":641,"cpe_part":9,"purl_type":632,"purl_namespace":9,"purl_name":641,"source":9,"versions":642},"Go","stdlib",[643],{"version":644,"is_range":622,"range_type":645,"version_start":627,"version_start_type":628,"version_end":629,"version_end_type":624,"fixed_in":9},"gte1_21_0_0_lt1_21_5","semver"]