Описание
The html package (aka x/net/html) through 2018-09-25 in Go mishandles
<math>Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | grafana | Not affected | ||
| Red Hat Ceph Storage 3 | grafana | Not affected | ||
| Red Hat Developer Tools | kompose | Out of support scope | ||
| Red Hat Enterprise Linux 7 | golang-googlecode-net | Not affected | ||
| Red Hat OpenShift Container Platform 3.10 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.2 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.3 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.4 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.5 | atomic-openshift | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1639109golang-org-x-net-html: infinite loop during html.Parse() via inSelectIM and inSelectInTableIM
EPSS
Процентиль: 69%
0.00592
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 7 лет назад
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
CVSS3: 7.5
nvd
больше 7 лет назад
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
CVSS3: 7.5
debian
больше 7 лет назад
The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...
CVSS3: 7.5
github
больше 2 лет назад
x/net/html Vulnerable to DoS During HTML Parsing
EPSS
Процентиль: 69%
0.00592
Низкий
5.3 Medium
CVSS3