Описание
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | grafana | Not affected | ||
| Red Hat Ceph Storage 3 | grafana | Not affected | ||
| Red Hat Developer Tools | kompose | Out of support scope | ||
| Red Hat Enterprise Linux 7 | golang-googlecode-net | Not affected | ||
| Red Hat OpenShift Container Platform 3.10 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.2 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.3 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.4 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.5 | atomic-openshift | Not affected |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...
golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer
5.3 Medium
CVSS3