Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-47911

Опубликовано: 05 фев. 2026
Источник: redhat
CVSS3: 5.3
EPSS Низкий

Описание

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Assisted Installer for Red Hat OpenShift Container Platform 2rhai/assisted-installer-agent-rhel9Fix deferred
Assisted Installer for Red Hat OpenShift Container Platform 2rhai/assisted-installer-controller-rhel9Fix deferred
Assisted Installer for Red Hat OpenShift Container Platform 2rhai/assisted-installer-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-controller-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-git-cloner-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-image-bundler-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-image-processing-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-rhel9-operatorFix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-shared-resource-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-shared-resource-webhook-rhel9Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=2437109golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

EPSS

Процентиль: 4%
0.00016
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-47911

CVSS3: 5.3
ubuntu
2 месяца назад

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

nvd логотип

CVE-2025-47911

CVSS3: 5.3
nvd
2 месяца назад

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

debian логотип

CVE-2025-47911

CVSS3: 5.3
debian
2 месяца назад

The html.Parse function in golang.org/x/net/html has quadratic parsing ...

redos логотип

ROS-20260401-73-0040

CVSS3: 5.3
redos
10 дней назад

Уязвимость golang-x-net

github логотип

GHSA-w4gw-w5jq-g9jh

CVSS3: 5.3
github
около 2 месяцев назад

golang.org/x/net/html has a Quadratic Parsing Complexity issue

EPSS

Процентиль: 4%
0.00016
Низкий

5.3 Medium

CVSS3

Уязвимость CVE-2025-47911