sflow decode package does not employ sufficient packet sanitisation which can lead to a denial of service attack. Attackers can craft malformed packets causing the process to consume large amounts of memory resulting in a denial of service.
https://github.com/cloudflare/goflow/security/advisories/GHSA-9rpw-2h95-666c