[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-24534":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":86,"aliases":87,"duplicate_of":9,"upstream":90,"downstream":91,"duplicates":162,"related":163,"reserved_at":9,"published_at":184,"modified_at":185,"state":186,"summary":187,"references_raw":196,"kevs":230,"epss":231,"epss_history":234,"metrics":502,"affected":510},"CVE-2023-24534","HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[88,89],"GO-2023-1704","BIT-golang-2023-24534",[],[92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160],{"_key":93},"SUSE-SU-2023:2105-2",{"_key":95},"SUSE-SU-2023:1791-1",{"_key":97},"SUSE-SU-2023:1792-1",{"_key":99},"SUSE-SU-2023:2105-1",{"_key":101},"SUSE-SU-2023:2127-1",{"_key":103},"OPENSUSE-SU-2024:12841-1",{"_key":105},"OPENSUSE-SU-2024:12845-1",{"_key":107},"OPENSUSE-SU-2024:13007-1",{"_key":109},"OPENSUSE-SU-2024:14076-1",{"_key":111},"MGASA-2023-0145",{"_key":113},"USN-6038-1",{"_key":115},"DEBIAN-CVE-2023-24534",{"_key":117},"UBUNTU-CVE-2023-24534",{"_key":119},"USN-6038-2",{"_key":121},"RHSA-2023:3366",{"_key":123},"RHSA-2023:3536",{"_key":125},"RHSA-2023:3540",{"_key":127},"RHSA-2023:4459",{"_key":129},"RHSA-2023:4470",{"_key":131},"RHSA-2023:6420",{"_key":133},"RHSA-2023:3318",{"_key":135},"RHSA-2023:3319",{"_key":137},"RHSA-2023:3445",{"_key":139},"RHSA-2023:3450",{"_key":141},"RHSA-2023:3612",{"_key":143},"RHSA-2023:4003",{"_key":145},"RHSA-2023:4093",{"_key":147},"RHSA-2023:5964",{"_key":149},"RHSA-2023:6346",{"_key":151},"RHSA-2023:6363",{"_key":153},"RHSA-2023:6402",{"_key":155},"RHSA-2023:6473",{"_key":157},"RHSA-2023:6474",{"_key":159},"RHSA-2023:6938",{"_key":161},"RHSA-2023:6939",[],[164,165,166,167,168,169,170,171,172,173,174,176,178,180,182],{"_key":93},{"_key":95},{"_key":97},{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":107},{"_key":109},{"_key":111},{"_key":175},"CGA-25CH-F9G2-2WV2",{"_key":177},"CGA-F2FH-MH25-JWHR",{"_key":179},"CGA-PQJP-J3C9-5WVJ",{"_key":181},"CGA-R5XW-G83P-75J3",{"_key":183},"CGA-W6X4-26HF-4QW6","2023-04-06T15:50:45.710Z","2025-02-13T16:44:17.255Z","Modified",{"cisa_kev":188,"cisa_ransomware":188,"cisa_vendor":9,"epss_severity":189,"epss_score":190,"severity":191,"severity_score":192,"severity_version":193,"severity_source":194,"severity_vector":195,"severity_status":186},false,"low",0.00162,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[197,206,212,218,222,226],{"url":198,"sources":199,"tags":202},"https://go.dev/issue/58975",[194,200,201],"nvd","osv_go",[203,204,205],"Issue Tracking","Vendor Advisory","REPORT",{"url":207,"sources":208,"tags":209},"https://go.dev/cl/481994",[194,200,201],[210,204,211],"Patch","FIX",{"url":213,"sources":214,"tags":215},"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",[194,200,201],[216,210,217],"Mailing List","WEB",{"url":219,"sources":220,"tags":221},"https://pkg.go.dev/vuln/GO-2023-1704",[194,200],[204],{"url":223,"sources":224,"tags":225},"https://security.netapp.com/advisory/ntap-20230526-0007/",[194,200],[],{"url":227,"sources":228,"tags":229},"https://security.gentoo.org/glsa/202311-09",[194,200],[],[],{"date":232,"score":190,"percentile":233},"2026-06-04",0.36814,[235,239,242,245,248,251,254,257,260,263,266,268,271,273,276,280,282,285,288,291,294,297,300,303,305,308,311,314,318,321,324,327,330,334,338,341,344,347,350,353,356,359,362,364,367,370,373,376,379,382,385,388,391,394,397,399,402,405,408,411,413,415,418,421,424,427,430,433,436,439,441,444,447,450,453,456,459,462,465,468,471,474,477,480,483,486,489,492,495,499],{"date":236,"score":237,"percentile":238},"2025-11-04",0.00045,0.13355,{"date":240,"score":237,"percentile":241},"2025-11-05",0.13382,{"date":243,"score":237,"percentile":244},"2025-11-06",0.13468,{"date":246,"score":237,"percentile":247},"2025-11-07",0.1348,{"date":249,"score":237,"percentile":250},"2025-11-08",0.13484,{"date":252,"score":237,"percentile":253},"2025-11-09",0.13454,{"date":255,"score":237,"percentile":256},"2025-11-10",0.13422,{"date":258,"score":237,"percentile":259},"2025-11-11",0.13442,{"date":261,"score":237,"percentile":262},"2025-11-12",0.13431,{"date":264,"score":237,"percentile":265},"2025-11-13",0.13458,{"date":267,"score":237,"percentile":250},"2025-11-14",{"date":269,"score":237,"percentile":270},"2025-11-15",0.13464,{"date":272,"score":237,"percentile":265},"2025-11-16",{"date":274,"score":237,"percentile":275},"2025-11-17",0.13434,{"date":277,"score":278,"percentile":279},"2025-11-18",0.01863,0.81589,{"date":281,"score":278,"percentile":279},"2025-11-19",{"date":283,"score":278,"percentile":284},"2025-11-20",0.81595,{"date":286,"score":237,"percentile":287},"2025-11-21",0.13456,{"date":289,"score":237,"percentile":290},"2025-11-22",0.13448,{"date":292,"score":237,"percentile":293},"2025-11-23",0.13429,{"date":295,"score":237,"percentile":296},"2025-11-24",0.13389,{"date":298,"score":237,"percentile":299},"2025-11-25",0.13388,{"date":301,"score":237,"percentile":302},"2025-11-26",0.13379,{"date":304,"score":237,"percentile":302},"2025-11-27",{"date":306,"score":237,"percentile":307},"2025-11-28",0.1336,{"date":309,"score":237,"percentile":310},"2025-11-29",0.13332,{"date":312,"score":237,"percentile":313},"2025-11-30",0.13337,{"date":315,"score":316,"percentile":317},"2025-12-01",0.00038,0.10925,{"date":319,"score":316,"percentile":320},"2025-12-02",0.10933,{"date":322,"score":316,"percentile":323},"2025-12-03",0.10945,{"date":325,"score":316,"percentile":326},"2025-12-04",0.10923,{"date":328,"score":316,"percentile":329},"2025-12-05",0.10949,{"date":331,"score":332,"percentile":333},"2025-12-06",0.00034,0.09465,{"date":335,"score":336,"percentile":337},"2025-12-07",0.0004,0.11922,{"date":339,"score":336,"percentile":340},"2025-12-08",0.11929,{"date":342,"score":336,"percentile":343},"2025-12-09",0.11988,{"date":345,"score":336,"percentile":346},"2025-12-10",0.12051,{"date":348,"score":336,"percentile":349},"2025-12-11",0.12077,{"date":351,"score":336,"percentile":352},"2025-12-12",0.12114,{"date":354,"score":336,"percentile":355},"2025-12-13",0.12131,{"date":357,"score":336,"percentile":358},"2025-12-14",0.12117,{"date":360,"score":336,"percentile":361},"2025-12-15",0.12067,{"date":363,"score":336,"percentile":346},"2025-12-16",{"date":365,"score":336,"percentile":366},"2025-12-17",0.12137,{"date":368,"score":336,"percentile":369},"2025-12-18",0.12185,{"date":371,"score":336,"percentile":372},"2025-12-19",0.12194,{"date":374,"score":237,"percentile":375},"2025-12-20",0.13838,{"date":377,"score":237,"percentile":378},"2025-12-21",0.13799,{"date":380,"score":237,"percentile":381},"2025-12-22",0.1375,{"date":383,"score":237,"percentile":384},"2025-12-23",0.13747,{"date":386,"score":237,"percentile":387},"2025-12-24",0.13745,{"date":389,"score":237,"percentile":390},"2025-12-25",0.13816,{"date":392,"score":237,"percentile":393},"2025-12-26",0.13777,{"date":395,"score":237,"percentile":396},"2025-12-27",0.13779,{"date":398,"score":237,"percentile":381},"2025-12-28",{"date":400,"score":237,"percentile":401},"2025-12-29",0.13647,{"date":403,"score":237,"percentile":404},"2025-12-30",0.13657,{"date":406,"score":237,"percentile":407},"2025-12-31",0.13719,{"date":409,"score":237,"percentile":410},"2026-01-01",0.13791,{"date":412,"score":237,"percentile":396},"2026-01-02",{"date":414,"score":237,"percentile":387},"2026-01-03",{"date":416,"score":237,"percentile":417},"2026-01-04",0.13669,{"date":419,"score":237,"percentile":420},"2026-01-05",0.13624,{"date":422,"score":237,"percentile":423},"2026-01-06",0.13634,{"date":425,"score":237,"percentile":426},"2026-01-07",0.13672,{"date":428,"score":237,"percentile":429},"2026-01-08",0.13721,{"date":431,"score":237,"percentile":432},"2026-01-09",0.1373,{"date":434,"score":237,"percentile":435},"2026-01-10",0.13748,{"date":437,"score":237,"percentile":438},"2026-01-11",0.13678,{"date":440,"score":237,"percentile":401},"2026-01-12",{"date":442,"score":237,"percentile":443},"2026-01-13",0.13619,{"date":445,"score":237,"percentile":446},"2026-01-14",0.13677,{"date":448,"score":237,"percentile":449},"2026-01-15",0.13675,{"date":451,"score":237,"percentile":452},"2026-01-16",0.1372,{"date":454,"score":237,"percentile":455},"2026-01-17",0.13737,{"date":457,"score":237,"percentile":458},"2026-01-18",0.13663,{"date":460,"score":237,"percentile":461},"2026-01-19",0.136,{"date":463,"score":237,"percentile":464},"2026-01-20",0.13581,{"date":466,"score":237,"percentile":467},"2026-01-21",0.13567,{"date":469,"score":237,"percentile":470},"2026-01-22",0.13529,{"date":472,"score":237,"percentile":473},"2026-01-23",0.1361,{"date":475,"score":237,"percentile":476},"2026-01-24",0.13654,{"date":478,"score":237,"percentile":479},"2026-01-25",0.13597,{"date":481,"score":237,"percentile":482},"2026-01-26",0.13527,{"date":484,"score":237,"percentile":485},"2026-01-27",0.13525,{"date":487,"score":237,"percentile":488},"2026-01-28",0.13533,{"date":490,"score":237,"percentile":491},"2026-01-29",0.13512,{"date":493,"score":237,"percentile":494},"2026-01-30",0.13519,{"date":496,"score":497,"percentile":498},"2026-01-31",0.00048,0.14686,{"date":500,"score":497,"percentile":501},"2026-02-01",0.14663,[503,508],{"source":194,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":504,"cvss_v4_0":9},{"baseScore":192,"baseSeverity":505,"vectorString":195,"impactScore":506,"exploitabilityScore":507},"HIGH",6,10,{"source":200,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":509,"cvss_v4_0":9},{"baseScore":192,"baseSeverity":505,"vectorString":195,"impactScore":506,"exploitabilityScore":507},[511,526,536],{"ecosystem":9,"name":512,"vendor":513,"product":512,"cpe_part":514,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":515},"net/textproto","go standard library","a",[516,521],{"version":517,"is_range":518,"range_type":194,"version_start":9,"version_start_type":9,"version_end":519,"version_end_type":520,"fixed_in":9},"\u003C 1.19.8",true,"1.19.8","excluding",{"version":522,"is_range":518,"range_type":194,"version_start":523,"version_start_type":524,"version_end":525,"version_end_type":520,"fixed_in":9},">= 1.20.0-0, \u003C 1.20.3","1.20.0-0","including","1.20.3",{"ecosystem":9,"name":527,"vendor":528,"product":527,"cpe_part":514,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":529},"go","golang",[530,533],{"version":531,"is_range":518,"range_type":532,"version_start":9,"version_start_type":9,"version_end":519,"version_end_type":520,"fixed_in":9},"lt1.19.8","cpe",{"version":534,"is_range":518,"range_type":532,"version_start":535,"version_start_type":524,"version_end":525,"version_end_type":520,"fixed_in":9},"gte1.20.0_lt1.20.3","1.20.0",{"ecosystem":537,"name":538,"vendor":537,"product":538,"cpe_part":9,"purl_type":528,"purl_namespace":9,"purl_name":538,"source":9,"versions":539},"Go","stdlib",[540],{"version":541,"is_range":518,"range_type":542,"version_start":523,"version_start_type":524,"version_end":525,"version_end_type":520,"fixed_in":9},"gte1_20_0_0_lt1_20_3","semver"]