Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17848 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an html.Parse call. | |||||
CVE-2018-17847 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActiveFormattingElements, during an html.Parse call. | |||||
CVE-2018-17846 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification. | |||||
CVE-2018-17075 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit. | |||||
CVE-2018-17142 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call. | |||||
CVE-2018-17143 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call. |