First published: Mon Sep 17 2018(Updated: )
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
go/golang.org/x/net | <0.0.0-20180925071336-cf3bd585ca2a | 0.0.0-20180925071336-cf3bd585ca2a |
Golang Net | <=2018-09-17 | |
Fedoraproject Fedora | =28 | |
Fedoraproject Fedora | =29 | |
<=2018-09-17 | ||
=28 | ||
=29 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.