DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2018-17848

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2018-17848

CGA ID

CGA-9hmg-wg7m-9wh7

Severity

7.5

High

CVSS V3

Summary

golang.org/x/net/html Improper Validation of Array Index vulnerability

Description

The html package (aka x/net/html) through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an html.Parse call.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images