CVE-2025-47911

The IBM Security Bulletin for ELM on Hybrid Cloud notes CVE-2025-47911 affects the underlying golang.org/x/net/html html.Parse function, which can exhibit quadratic parsing behavior on carefully crafted HTML inputs and may enable DoS. Affected product versions are ELM on Hybrid Cloud 1.0.0 to 1.3...

CVE-2025-58190

CVE-2025-58190 affects the html.Parse function in golang.org/x/net/html. The vulnerability is an infinite parsing loop triggered by certain inputs, leading to denial of service (DoS). The connected advisories confirm the issue but do not specify a patched version or remediation in the provided do...