Vulnerability Report: GO-2022-0192
- CVE-2018-17142, GHSA-2wp2-chmh-r934
- Affects: golang.org/x/net
- Published: Jul 01, 2022
- Modified: Dec 14, 2023
The Parse function can panic on some invalid inputs. For example, the Parse function panics on the input "<math><template><mo><template>".
Affected Packages
-
PathVersionsSymbols
-
before v0.0.0-20180925071336-cf3bd585ca2a
Aliases
References
- https://go.dev/cl/136875
- https://go.googlesource.com/net/+/cf3bd585ca2a5a21b057abd8be7eea2204af89d0
- https://go.dev/issue/27702
- https://vuln.go.dev/ID/GO-2022-0192.json
Credits
- @tr3ee
Feedback
See anything missing or incorrect?
Suggest an edit to this report.