github.com/golang/go is vulnerable to Denial of Service (DoS) attacks. Unusual patterns of input data cause the upcomingHeaderNewlines
function to parse HTTP and MIME headers which allocates more memory than required, causing the application to crash via memory exhaustion.
github.com/golang/go/commit/3991f6c41c7dfd167e889234c0cf1d840475e93c
github.com/golang/go/commit/d6759e7a059f4208f07aa781402841d7ddaaef96
github.com/golang/go/issues/59267
github.com/golang/go/issues/59268
go.dev/cl/481994
go.dev/issue/58975
groups.google.com/g/golang-announce/c/Xdv6JL9ENs8
pkg.go.dev/vuln/GO-2023-1704
security.gentoo.org/glsa/202311-09
security.netapp.com/advisory/ntap-20230526-0007/