CVE-2017-1000098
EPSS 0.43%golang - security update
Published: 2/15/2022Modified: 3/9/2026
Description
When parsing large multipart/form-data, an attacker can cause a HTTP server to open a large number of file descriptors. This may be used as a denial-of-service vector.
Affected packages (2)
- Debian/golangfrom 0, < 2:1.0.2-1.1+deb7u1
- Go/stdlibfrom 0, < 1.6.4, >= 1.7.0-0, < 1.7.4