Go modules package
github.com/antchfx/xpath
pkg:golang/github.com/antchfx/xpath
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-32287 | Hig | 7.5 | < 1.3.6 | 1.3.6 | Mar 26, 2026 | Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true()". |
- affected < 1.3.6fixed 1.3.6
Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true()".