SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.CreditsYuichi WatanabeReferenceshttps://go.dev/cl/652135https://go.dev/issue/71931https://pkg.go.dev/vuln/GO-2025-3487
