Loading...

XML

Word

Printable

Type: Vulnerability
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: 4.19.0
Component/s: Cloud Compute / IBM Provider
Labels:

Severity:
Critical
Regression:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Type:
Release Note Not Required
Release Note Status:
In Progress
Target Version:

4.19.0
Embargo Status:
False

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Security Tracking Issue

Do not make this issue public.

Flaw:

Non-linear parsing of case-insensitive content in golang.org/x/net/html
https://bugzilla.redhat.com/show_bug.cgi?id=2333122

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

clones

OCPBUGS-50561 CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

is depended on by

OCPBUGS-50561 CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

OCPBUGS-50565 CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

POST

links to

openshift/cluster-api-provider-ibmcloud#99: OCPBUGS-50674: Fix for CVE-2024-45338 in golang.org/x/net/html in main

Assignee:: Jeff Nowicki

Reporter:: Aman Shrivastava

QA Contact:: Zhaohua Sun

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/02/13 9:24 AM

Updated:: 2025/02/18 2:19 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates