Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-58190

Опубликовано: 05 фев. 2026
Источник: redhat
CVSS3: 4.3
EPSS Низкий

Описание

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) in an exposed go application if an attacker provides specially crafted HTML content.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Assisted Installer for Red Hat OpenShift Container Platform 2rhai/assisted-installer-agent-rhel9Fix deferred
Assisted Installer for Red Hat OpenShift Container Platform 2rhai/assisted-installer-controller-rhel9Fix deferred
Assisted Installer for Red Hat OpenShift Container Platform 2rhai/assisted-installer-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-controller-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-git-cloner-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-image-bundler-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-image-processing-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-rhel9-operatorFix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-shared-resource-rhel9Fix deferred
Builds for Red Hat OpenShiftopenshift-builds/openshift-builds-shared-resource-webhook-rhel9Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-835
https://bugzilla.redhat.com/show_bug.cgi?id=2437110golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

EPSS

Процентиль: 1%
0.00011
Низкий

4.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-58190

CVSS3: 5.3
ubuntu
2 месяца назад

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

nvd логотип

CVE-2025-58190

CVSS3: 5.3
nvd
2 месяца назад

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

debian логотип

CVE-2025-58190

CVSS3: 5.3
debian
2 месяца назад

The html.Parse function in golang.org/x/net/html has an infinite parsi ...

redos логотип

ROS-20260401-73-0041

CVSS3: 5.3
redos
8 дней назад

Уязвимость golang-x-net

suse-cvrf логотип

openSUSE-SU-2026:20327-1

suse-cvrf
около 1 месяца назад

Security update for helm

EPSS

Процентиль: 1%
0.00011
Низкий

4.3 Medium

CVSS3