CVE-2022-27664
CVE Details
Visit the official vulnerability details page for CVE-2022-27664 to learn more.
Initial Publication
10/25/2024
Last Update
02/01/2026
Third Party Dependency
go
NIST CVE Summary
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
CVE Severity
Our Official Summary
This vulnerability is a false positive. Although this is reported by the scanning tools on some of the components, further checks indicate the symbol/function with the vulnerability while present is not being used.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.8.25 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
| 4.5.22 | ⚠️ Impacted | ✅ No Impact | ✅ No Impact | ✅ No Impact |
| 4.4.20 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
Revision History
No revisions available.