logo

Database

Improper resource allocation - Buffer overflow In golang.org/x/net

Description

golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer The html package (aka x/net/html) through 2018-09-17 in Go mishandles

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2018-171432. NVD-2018-171433. OSV-2018-171434. GHSA-fcf9-6fv2-fc5v5. GCVE-2018-17143

References

1. https://github.com/golang/go/issues/277042. https://go-review.googlesource.com/c/net/+/1365753. https://go.dev/issue/277044. https://go.googlesource.com/net/+/2f5d2388922f370f4355f327fcf4cfe9f55839085. https://lists.fedoraproject.org/archives/list/[email protected]/message/LREEWY6KNLHRWFZ7OT4HVLMVVCGGUHON6. https://lists.fedoraproject.org/archives/list/[email protected]/message/UKRCI7WIOCOCD3H7NXWRGIRABTQOZOBK7. https://pkg.go.dev/vuln/GO-2022-01938. https://lists.fedoraproject.org/archives/list/[email protected]/message/LREEWY6KNLHRWFZ7OT4HVLMVVCGGUHON/9. https://lists.fedoraproject.org/archives/list/[email protected]/message/UKRCI7WIOCOCD3H7NXWRGIRABTQOZOBK/

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.