You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
multipart parsing
About this tag
Multipart parsing in Go's standard library was the subject of CVE-2023-24536, a denial-of-service vulnerability affecting web servers and services that accept multipart/form-data uploads. The flaw allowed specially crafted multipart requests to cause excessive CPU and memory consumption. Discussions on WindowsForum cover the background of this vulnerability, its impact on Go programs, and patching and mitigation strategies. The tag focuses on security issues related to multipart form parsing, particularly in the context of Go, and is relevant for developers and IT professionals managing web services.
The Go standard library’s multipart form parser contained a deceptively simple weakness that, in April 2023, was assigned CVE-2023-24536: specially crafted multipart requests can force Go programs to burn CPU and memory at scale, creating a reliable denial‑of‑service (DoS) vector against web...