go-zero
go-zero copied to clipboard
CVE-2023-24534: net/http, net/textproto: denial of service from excessive memory allocation
There is a denial of service vulnerability in go 1.18 disclosed under CVE-2023-24534. This vulnerability has been patched in version 1.19 and 1.20 but not in 1.18, discussed here.