Search for packages
| purl | pkg:deb/debian/golang-golang-x-net@1:0.27.0-2 |
| Next non-vulnerable version | 1:0.47.0-1 |
| Latest non-vulnerable version | 1:0.47.0-1 |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-73s2-6cpr-gkdu
Aliases: CVE-2025-47911 GHSA-w4gw-w5jq-g9jh |
golang.org/x/net/html has a Quadratic Parsing Complexity issue The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to Denial of Service (DoS) if an attacker provides specially crafted HTML content. |
Affected by 0 other vulnerabilities. |
|
VCID-asx6-ds7x-6ubz
Aliases: CVE-2025-58190 |
golang.org/x/net/html: Infinite parsing loop in golang.org/x/net |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T10:03:02.166749+00:00 | Debian Importer | Affected by | VCID-asx6-ds7x-6ubz | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:55:32.268698+00:00 | Debian Importer | Affected by | VCID-73s2-6cpr-gkdu | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T06:44:31.957819+00:00 | Debian Importer | Affected by | VCID-asx6-ds7x-6ubz | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T06:38:37.531305+00:00 | Debian Importer | Affected by | VCID-73s2-6cpr-gkdu | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-08T18:40:32.999148+00:00 | Debian Importer | Affected by | VCID-asx6-ds7x-6ubz | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-08T18:25:01.436750+00:00 | Debian Importer | Affected by | VCID-73s2-6cpr-gkdu | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |