Описание
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template>, <template>, or <template>. This is related to HTMLTreeBuilder.cpp in WebKit.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | grafana | Not affected | ||
| Red Hat Ceph Storage 3 | grafana | Not affected | ||
| Red Hat Developer Tools | kompose | Out of support scope | ||
| Red Hat Enterprise Linux 7 | golang-googlecode-net | Not affected | ||
| Red Hat OpenShift Container Platform 3.10 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.2 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.3 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.4 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.5 | atomic-openshift | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit.
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit.
The html package (aka x/net/html) before 2018-07-13 in Go mishandles " ...
golang.org/x/net/html NULL Pointer Dereference vulnerability
EPSS
5.3 Medium
CVSS3