A vulnerability, which was classified as problematic, has been found in net-textproto up to 1.21.7/1.22.0 on Go. Affected by this issue is the function Request.ParseMultipartForm/Request.FormValue/Request.PostFormValue/Request.FormFile. The manipulation leads to resource consumption.

This vulnerability is handled as CVE-2023-45290. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.