CVE-2018-17848

Published: 2018-10-01T08:29Z

Last Modified: 2024-11-21T03:55Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an html.Parse call. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt