Search CVE reports
21 – 23 of 23 results
golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
3 affected packages
golang-golang-x-net-dev, google-guest-agent, golang-golang-x-net
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-golang-x-net-dev | Not in release | Not in release | Ignored | Ignored |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net | Not affected | Not affected | Not in release | Not in release |
Some fixes available 3 of 9
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
3 affected packages
google-guest-agent, golang-x-text, golang-golang-x-text
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| google-guest-agent | Not affected | Not affected | Not affected | Not affected |
| golang-x-text | Not in release | Not in release | Vulnerable | Fixed |
| golang-golang-x-text | Not affected | Not affected | Fixed | Not in release |
Some fixes available 3 of 10
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
3 affected packages
google-guest-agent, golang-x-text, golang-golang-x-text
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| google-guest-agent | Not affected | Not affected | Not affected | Not affected |
| golang-x-text | Not in release | Not in release | Vulnerable | Fixed |
| golang-golang-x-text | Not affected | Not affected | Fixed | Not in release |