golang is vulnerable to denial of service. The vulnerability exists due to a data overwrite when invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments.
groups.google.com/forum/#!forum/golang-announce
groups.google.com/g/golang-announce/c/AEBu9j7yj5A
lists.fedoraproject.org/archives/list/[email protected]/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/
lists.fedoraproject.org/archives/list/[email protected]/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/
security-tracker.debian.org/tracker/CVE-2021-38297
security.gentoo.org/glsa/202208-02
security.netapp.com/advisory/ntap-20211118-0006/