CVE-2023-45290 | net-textproto up to 1.21.7/1.22.0 on Go resource consumption

Inserito da Angelo Barbosa | Mar 6, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in net-textproto up to 1.21.7/1.22.0 on Go. Affected by this issue is the function Request.ParseMultipartForm/Request.FormValue/Request.PostFormValue/Request.FormFile. The manipulation leads to resource consumption.

This vulnerability is handled as CVE-2023-45290. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-45290 | net-textproto up to 1.21.7/1.22.0 on Go resource consumption

Post correlati

CVE-2024-27246 | Zoom Workplace Desktop App use after free

CVE-2024-39930 | Gogs up to 0.13.0 SSH Connection internal/ssh/ssh.go argument injection

CVE-2024-2744 | NextGEN Gallery Plugin up to 3.59.0 on WordPress Setting cross site scripting

CVE-2023-6568 | mlflow up to 2.8.x cross site scripting