go -- multiple vulnerabilities
The Go project reports:
net/http: limit growth of header canonicalization cache. An
attacker can cause unbounded memory growth in a Go server accepting
syscall: don’t close fd 0 on ForkExec error. When a Go program
running on a Unix system is out of file descriptors and calls
syscall.ForkExec (including indirectly by using the os/exec
package), syscall.ForkExec can close file descriptor 0 as it fails.
If this happens (or can be provoked) repeatedly, it can result in
misdirected I/O such as writing network traffic intended for one
connection to a different connection, or content intended for one
file to a different one.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright