14 matches found
golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting
A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...
Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
...
Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html
...
Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
...
CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...
Medium: ecs-init
Issue Overview: The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content. CVE-2025-47911 The html.Parse function in golang.org/x/net/html has an...
golang.org/x/net/html has a Quadratic Parsing Complexity issue
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to Denial of Service DoS if an attacker provides specially crafted HTML content...
Linux Distros Unpatched Vulnerability : CVE-2025-47911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an...
AZL-76790 CVE-2025-58190 affecting package azl-otel-collector 0.127.0-1
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-77000 CVE-2025-58190 affecting package keda 2.14.1-9
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-77049 CVE-2025-58190 affecting package sriov-network-device-plugin for versions less than 3.6.2-11
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76889 CVE-2025-58190 affecting package cloud-provider-kubevirt 0.5.1-2
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76827 CVE-2025-58190 affecting package cert-manager for versions less than 1.11.2-27
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76868 CVE-2025-47911 affecting package cert-manager 1.12.15-4
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...