golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Go | Golang | * | 1.15.12 (including) |
| Go | Golang | 1.16.0 (including) | 1.16.4 (including) |
| Golang-golang-x-net | Ubuntu | groovy | * |
| Golang-golang-x-net | Ubuntu | hirsute | * |
| Golang-golang-x-net | Ubuntu | impish | * |
| Golang-golang-x-net | Ubuntu | kinetic | * |
| Golang-golang-x-net | Ubuntu | lunar | * |
| Golang-golang-x-net | Ubuntu | mantic | * |
| Golang-golang-x-net-dev | Ubuntu | bionic | * |
| Golang-golang-x-net-dev | Ubuntu | trusty | * |
| Golang-golang-x-net-dev | Ubuntu | xenial | * |
| OpenShift Logging 5.3 | RedHat | openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-44 | * |
| OpenShift Logging 5.3 | RedHat | openshift-logging/elasticsearch-rhel8-operator:v5.3.0-19 | * |
| Red Hat OpenShift Container Platform 4.8 | RedHat | openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream | * |
| Red Hat OpenShift Container Platform 4.9 | RedHat | openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream | * |