DirectorySecurity Advisories
Sign In
Security Advisories

CGA-wppw-w643-pqg6

Published

Last updated

https://images.chainguard.dev/security/CGA-wppw-w643-pqg6
Package

go-licenses

Latest Update
Fixed
Fixed Version

1.6.0-r19

Aliases
  • CVE-2024-45338
  • GHSA-w32m-9786-jp63

Severity

Unknown

Summary

Non-linear parsing of case-insensitive content in golang.org/x/net/html

Description

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images