4 matches found
CVE-2020-25614
xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service SIGSEGV at xmlquery.Node.InnerText or possibly have unspecified other impact...
CVE-2020-25614
xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service SIGSEGV at xmlquery.Node.InnerText or possibly have unspecified other impact...
CVE-2020-25614
xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service SIGSEGV at xmlquery.Node.InnerText or possibly have unspecified other impact...
CVE-2020-25614
CVE-2020-25614 affects the Go library xmlquery prior to 1.3.1, which omits a check on whether LoadURL responses are XML. This can cause a denial of service (SIGSEGV) in xmlquery.(*Node).InnerText, with possible additional impacts. The issue is resolved by upgrading to xmlquery 1.3.1 (patch exists...