VYPR

Go modules package

github.com/moby/spdystream

pkg:golang/github.com/moby/spdystream

Vulnerabilities (1)

  • CVE-2026-35469HigApr 16, 2026
    affected < 0.5.1fixed 0.5.1

    spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count,