High severity7.5NVD Advisory· Published Oct 5, 2017· Updated Jun 17, 2026
CVE-2017-1000098
CVE-2017-1000098
Description
The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- golang.org/cl/30410nvdIssue TrackingPatchVendor Advisory
- golang.org/issue/17965nvdIssue TrackingPatchVendor Advisory
- groups.google.com/forum/nvd
News mentions
0No linked articles in our index yet.