CVE-2024-37298HIGHCVSS 7.5fixed in 1.4.12024-07-01
CVE-2024-37298 [HIGH] CWE-770 CVE-2024-37298: gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Deco
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other s
nvd