Описание
The html package (aka x/net/html) through 2018-09-25 in Go mishandles
<math>Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2018-09-25 (включая)
cpe:2.3:a:golang:net:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00592
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-835
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 7 лет назад
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
CVSS3: 5.3
redhat
больше 7 лет назад
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
CVSS3: 7.5
debian
больше 7 лет назад
The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...
CVSS3: 7.5
github
больше 2 лет назад
x/net/html Vulnerable to DoS During HTML Parsing
EPSS
Процентиль: 69%
0.00592
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-835