Name of the Vulnerable Software and Affected Versions Go net/http package (affected versions not specified)

Description The issue arises from the net/http package's Request.ParseMultipartForm method, which starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. An attacker could generate a crafted multipart request, causing the server to run out of file descriptors.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.