CVE-2019-12198

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.
Source: NIST
CVE-2019-12198