CVE-2018-17847

Posted on by admin

CVE-2018-17847

The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActiveFormattingElements, during an html.Parse call.

Source: CVE-2018-17847

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다