Vulnerability Report: GO-2022-0193
- CVE-2018-17143, GHSA-fcf9-6fv2-fc5v
- Affects: golang.org/x/net
- Published: Jul 06, 2022
- Modified: May 20, 2024
The Parse function can panic on some invalid inputs. For example, the Parse function panics on the input "<template><tBody><isindex/action=0>".
Affected Packages
-
PathGo VersionsSymbols
-
before v0.0.0-20180921000356-2f5d2388922f
Aliases
References
- https://go-review.googlesource.com/c/net/+/136575
- https://go.googlesource.com/net/+/2f5d2388922f370f4355f327fcf4cfe9f5583908
- https://go.dev/issue/27704
- https://vuln.go.dev/ID/GO-2022-0193.json
Credits
- @tr3ee
Feedback
See anything missing or incorrect?
Suggest an edit to this report.