CGA-crpp-6834-52pg

Published 13 days ago

Last updated 13 days ago

Package

node-problem-detector-0.8

Latest Update
Fixed
Fixed Version

0.8.20-r3

Severity

Unknown

Summary

Non-linear parsing of case-insensitive content in golang.org/x/net/html

Description

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

Updates

Status
Fixed version
Impact
Updated
Fixed
0.8.20-r3
—

Dec 21, 2024

Under investigation
—
—

Dec 20, 2024

2 updates