VYPR
High severity7.5NVD Advisory· Published Sep 16, 2018· Updated Jun 17, 2026

CVE-2018-17075

CVE-2018-17075

Description

The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
golang.org/x/netGo
< 0.0.0-20180816102801-aaf60122140d0.0.0-20180816102801-aaf60122140d

Affected products

1

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.