CVE search results

11 – 14 of 14 results

Detailed view

Sort by:

CVE-2018-17846

Low priority

Vulnerable

The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a...

2 affected packages

golang-go.net-dev, golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-go.net-dev	Not in release	Not in release	Not in release	Not in release	Not in release
golang-golang-x-net-dev	Not in release	Not in release	Vulnerable	Vulnerable	Vulnerable

CVE-2018-17143

Medium priority

Not affected

The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.

1 affected package

golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-golang-x-net-dev	—	—	—	Not affected	Not affected

CVE-2018-17142

Medium priority

Not affected

The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call.

1 affected package

golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-golang-x-net-dev	—	—	—	Not affected	Not affected

CVE-2018-17075

Medium priority

Not affected

The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is...

2 affected packages

golang-go.net-dev, golang-golang-x-net-dev

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
golang-go.net-dev	—	—	—	Not in release	Not in release
golang-golang-x-net-dev	—	—	—	Not affected	Not affected

Export to JSON

Results by page:

Search CVE reports