Go · Go · CVE-2021-44716
**Name of the Vulnerable Software and Affected Versions**
Go versions prior to 1.16.12
Go versions 1.17.x prior to 1.17.5
**Description**
The issue allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests, potentially causing unbounded memory growth in servers accepting HTTP/2 requests.
**Recommendations**
For Go versions prior to 1.16.12, update to version 1.16.12 or later.
For Go versions 1.17.x prior to 1.17.5, update to version 1.17.5 or later.