CVE-2026-25680
MEDIUM6.5EPSS 0.06%Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
發布日:2026/5/22修改日:2026/6/3
也稱為:DEBIAN-CVE-2026-25680
描述
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.
受影響套件(2)
- Debian/golang-golang-x-netfrom 0
- Go/golang.org/x/netfrom 0, < 0.55.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |