VYPR

Go modules package

golang.org/x/net/html

pkg:golang/golang.org/x/net/html

Vulnerabilities (2)

  • CVE-2025-47911Feb 5, 2026
    affected < 0.45.0fixed 0.45.0

    The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2024-45338MedDec 18, 2024
    affected < 0.33.0fixed 0.33.0

    An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.