go-zero CVE-2023-24534: net/http, net/textproto: denial of service from excessive memory allocation

CVE-2023-24534: net/http, net/textproto: denial of service from excessive memory allocation

Open KevinSolmssen opened this issue 1 year ago • 1 comments

There is a denial of service vulnerability in go 1.18 disclosed under CVE-2023-24534. This vulnerability has been patched in version 1.19 and 1.20 but not in 1.18, discussed here.

May 15 '23 15:05 KevinSolmssen

go-zero go-zero copied to clipboard

CVE-2023-24534: net/http, net/textproto: denial of service from excessive memory allocation

go-zero
go-zero copied to clipboard