GHSA-W4GW-W5JQ-G9JH golang.org/x/net/html has a Quadratic Parsing Complexity issue

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to Denial of Service DoS if an attacker provides specially crafted HTML content...

AZL-77049 CVE-2025-58190 affecting package sriov-network-device-plugin for versions less than 3.6.2-11

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

ROS-20240408-02

A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...

The vulnerability of the Go programming language’s net/html library allows attackers to perform cross-site scripting attacks.

The vulnerability of the net/html library in the Go programming language exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

PT-2023-6563

Name of the Vulnerable Software and Affected Versions net/html library affected versions not specified Description The issue arises from text nodes not in the HTML namespace being incorrectly literally rendered, causing text that should be escaped to not be. This could lead to an XSS attack. The...