3 matches found
SUSE CVE-2018-17075
The html package aka x/net/html before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit...
Fedora 28 : golang-googlecode-net (2019-07d447a1d3)
Bump to commit 16b79f2e4e95ea23b2bf9903c9809ff7b013ce85 Security fixes for CVE-2018-17143, CVE-2018-17142, CVE-2018-17075, CVE-2018-17846, CVE-2018-17847, CVE-2018-17848 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
CVE-2018-17075
CVE-2018-17075 affects Go’s html package (x/net/html) prior to 2018-07-13. The vulnerability arises from mishandling the htmlParse insertion mode in frameset contexts, causing a panic: runtime error when parsing crafted HTML like , , or . The issue is linked to HTMLTreeBuilder.cpp in WebKit. The ...