Tr3Ee

**Name of the Vulnerable Software and Affected Versions** Miek Gieben DNS library versions prior to 1.0.10 **Description** The issue is related to a parsing error in the `dns.ParseZone()` function, which can cause a segmentation violation or a panic due to a nil pointer dereference when parsing a malformed zone file containing TA records. This can lead to denial of service. **Recommendations** For versions prior to 1.0.10, update to version 1.0.10 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `dns.ParseZone()` function for parsing user-supplied input until a patch is available. Restrict access to the `setTA` function in `scan rr.go` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** html package (aka x/net/html) through 2018-09-25 **Description** The issue arises from the mishandling of specific HTML tags, such as `<table><math><select><mi><select></table>`, which can cause an infinite loop during an `html.Parse` call. This occurs because `inSelectIM` and `inSelectInTableIM` do not comply with a specification. The problem can also be described as `html.Parse` not properly handling "select" tags, potentially leading to a denial of service if user-supplied input is being parsed. **Recommendations** For the html package (aka x/net/html) through 2018-09-25, consider updating to a version newer than 2018-09-25 to resolve the issue. As a temporary workaround, consider restricting the use of the `html.Parse` function when parsing user-supplied input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** html package (aka x/net/html) versions through 2018-09-25 **Description** The issue is related to the html package mishandling certain HTML inputs, such as `<svg><template><desc><t><svg></template>`, leading to a "panic: runtime error" (index out of range) in `(*nodeStack).pop` or `(*insertionModeStack).pop` in node.go, during an `html.Parse` call. This occurs when the `html.Parse` function is called with specific invalid inputs. **Recommendations** For versions through 2018-09-25, as a temporary workaround, consider avoiding the use of the `html.Parse` function with untrusted or potentially malformed HTML inputs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** html package (aka x/net/html) versions through 2018-09-25 **Description** The issue arises from the html package mishandling certain HTML tags, such as `<math><template><mn><b></template>` and `<svg><template><desc><t><svg></template>`, leading to a "panic: runtime error" (index out of range) during an `html.Parse` call. This error occurs in functions like `(*insertionModeStack).pop` in node.go and `(*nodeStack).pop` in node.go. The `html.Parse` function can panic on some invalid inputs. **Recommendations** For versions through 2018-09-25, consider avoiding the use of the `html.Parse` function with potentially malformed HTML inputs until a fix is available. As a temporary workaround, validate and sanitize HTML inputs before passing them to the `html.Parse` function to minimize the risk of panic. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** html package (aka x/net/html) through 2018-09-17 **Description** The issue arises from the mishandling of specific HTML tags, such as `<math><template><mo><template>`, which can cause a "panic: runtime error" in the `parseCurrentToken` function within `parse.go` during an `html.Parse` call. This error occurs due to the `Parse` function's inability to handle certain invalid inputs properly, leading to a panic. **Recommendations** For versions through 2018-09-17, consider avoiding the use of the `html.Parse` function with potentially malformed HTML inputs until a fix is applied. As a temporary workaround, validate and sanitize all HTML inputs before passing them to the `html.Parse` function to minimize the risk of encountering this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPP versions prior to 2.26 **Description** The issue arises when GPP attempts to utilize more memory space than is available on the stack, resulting in a segmentation fault or potentially other unspecified impacts. This can occur through the use of a crafted file. **Recommendations** For versions prior to 2.26, update to version 2.26 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** html package (aka x/net/html) versions prior to 2018-07-13 **Description** The issue is related to the HTML parser mishandling "in frameset" insertion mode. This can lead to a panic when parsing malformed HTML that contains <template> tags, potentially allowing for a denial of service attack if the input is user-controlled. The problem arises when the parser encounters specific tags such as <template><object>, <template><applet>, or <template><marquee>. **Recommendations** For versions prior to 2018-07-13, update the html package to a version released after 2018-07-13 to resolve the issue. As a temporary workaround, consider validating and sanitizing user input to prevent the parser from encountering malformed HTML that could trigger the panic. Restrict access to the html.Parse function when operating on untrusted input to minimize the risk of exploitation.