CVE search results

1 – 4 of 4 results

Detailed view

Sort by:

CVE-2018-17848

Medium priority

Not affected

The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a “panic: runtime error” (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM,...

2 affected packages

golang-go.net-dev, golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-go.net-dev	—	—	—	Not in release
golang-golang-x-net-dev	—	—	—	Not affected

CVE-2018-17847

Low priority

Not affected

The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a “panic: runtime error” (index out of range) in (*nodeStack).pop in node.go, called...

2 affected packages

golang-go.net-dev, golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-go.net-dev	—	—	—	Not in release
golang-golang-x-net-dev	—	—	—	Not affected

CVE-2018-17846

Low priority

Vulnerable

The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a...

2 affected packages

golang-go.net-dev, golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-go.net-dev	Not in release	Not in release	Not in release	Not in release
golang-golang-x-net-dev	Not in release	Not in release	Vulnerable	Vulnerable

CVE-2018-17075

Medium priority

Not affected

The html package (aka x/net/html) before 2018-07-13 in Go mishandles “in frameset” insertion mode, leading to a “panic: runtime error” for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is...

2 affected packages

golang-go.net-dev, golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-go.net-dev	—	—	—	Not in release
golang-golang-x-net-dev	—	—	—	Not affected

Search CVE reports