CNNVD-202602-807 Information
Feb 05, 2026
cve
CNNVD ID
CNNVD-202602-807
Related CVE
- CNNVD Published: 2026-02-05
Description (Chinese)
Google Go是美国谷歌(Google)公司的一种静态强类型、编译型、并发型,并具有垃圾回收功能的编程语言。 Google Go存在安全漏洞,该漏洞源于golang.org/x/net/html的html.Parse函数处理特定输入时解析复杂度为二次方,攻击者提供特制HTML内容可能导致拒绝服务。
Description (English)
Google Go is a static type, compiler, hairdresser of Google and a programme language with a garbage recovery function. There is a security loophole in Google Go, which originates from the html.Parse function of Golang.org/x/net/html, which resolves the complexity of a given input to a secondary side and the attacker ’ s specially designed HTML content may lead to the denial of service.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
谷歌
Published
2026-02-05
Last Modified
2026-02-24
References
https://github.com/golang/vulndb/issues/4440 https://go.dev/cl/709876 https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c https://pkg.go.dev/vuln/GO-2026-4440