CVE-2021-33194 log

Source
Severity Low
Remote Yes
Type Denial of service
Description
Version v0.0.0-20210520170846-37e1c6afe023 of golang.org/x/net fixes a vulnerability in the golang.org/x/net/html package which could cause a denial of service. An attacker can craft an input to ParseFragment that would cause it to enter an infinite loop and never return.
Group Package Affected Fixed Severity Status Ticket
AVG-1974 golang-golang-x-net 0.0.20191210-2 Low Vulnerable
References
https://groups.google.com/g/golang-announce/c/wPunbCPkWUg/m/ifcDT_DbCwAJ
https://github.com/golang/go/issues/46288
https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7