BR-demo-org / netflix_conductor_fork

Conductor is a microservices orchestration engine - https://netflix.github.io/conductor/
Apache License 2.0
0 stars 0 forks source link

CVE-2018-17142 (High) detected in github.com/golang/net-v0.0.0-20180906233101-161cd47e91fd - autoclosed #304

Closed mend-bolt-for-github[bot] closed 1 year ago

mend-bolt-for-github[bot] commented 2 years ago

CVE-2018-17142 - High Severity Vulnerability

Vulnerable Library - github.com/golang/net-v0.0.0-20180906233101-161cd47e91fd

[mirror] Go supplementary network libraries

Library home page: https://proxy.golang.org/github.com/golang/net/@v/v0.0.0-20180906233101-161cd47e91fd.zip

Dependency Hierarchy: - :x: **github.com/golang/net-v0.0.0-20180906233101-161cd47e91fd** (Vulnerable Library)

Found in HEAD commit: 975ea99358eaa6f34b7c8c0c0dce2a0a92a39da5

Found in base branch: master

Vulnerability Details

The html package (aka x/net/html) through 2018-09-17 in Go mishandles