CVE-2025-47911

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions golang.org/x/net/html (affected versions not specified)

Description The html.Parse function exhibits quadratic parsing complexity when handling specific inputs. This can result in a denial of service (DoS) if an attacker submits maliciously crafted HTML content.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-407CWE-664

Related Identifiers

AZL-76778

AZL-76781

AZL-76784

AZL-76793

AZL-76796

AZL-76802

AZL-76808

AZL-76818

AZL-76824

AZL-76830

AZL-76833

AZL-76836

AZL-76842

AZL-76845

AZL-76848

AZL-76859

AZL-76863

AZL-76868

AZL-76872

AZL-76883

AZL-76886

AZL-76893

AZL-76895

AZL-76898

AZL-76904

AZL-76910

AZL-76916

AZL-76922

AZL-76928

AZL-76935

AZL-76940

AZL-76944

AZL-76950

AZL-76955

AZL-76962

AZL-76977

AZL-76983

AZL-76992

AZL-77004

AZL-77007

AZL-77016

AZL-77019

AZL-77036

AZL-77046

AZL-77052

AZL-77067

AZL-77070

AZL-77079

AZL-77082

AZL-77096

AZL-77099

BDU:2026-05687

CLEANSTART-2026-AE87452

CLEANSTART-2026-BM53321

CLEANSTART-2026-CB01846

CLEANSTART-2026-DG06447

CLEANSTART-2026-DM93480

CLEANSTART-2026-EJ93145

CLEANSTART-2026-FM65506

CLEANSTART-2026-HA09227

CLEANSTART-2026-HK71313

CLEANSTART-2026-HX97842

CLEANSTART-2026-HZ73294

CLEANSTART-2026-JB52011

CLEANSTART-2026-JD68539

CLEANSTART-2026-JK84667

CLEANSTART-2026-KJ02127

CLEANSTART-2026-LS00044

CLEANSTART-2026-MF20926

CLEANSTART-2026-MQ21261

CLEANSTART-2026-NB78893

CLEANSTART-2026-NG75665

CLEANSTART-2026-OX88144

CLEANSTART-2026-PK48502

CLEANSTART-2026-QN98167

CLEANSTART-2026-SQ24713

CLEANSTART-2026-SQ68600

CLEANSTART-2026-TM31143

CLEANSTART-2026-UG20989

CLEANSTART-2026-UO31069

CLEANSTART-2026-WK32717

CVE-2025-47911

GHSA-W4GW-W5JQ-G9JH

GO-2026-4440

OPENSUSE-RU-2026:20010-1

OPENSUSE-SU-2025:15607-1

OPENSUSE-SU-2025:15616-1

OPENSUSE-SU-2025:15617-1

OPENSUSE-SU-2025:15618-1

OPENSUSE-SU-2025:15619-1

OPENSUSE-SU-2025:15620-1

OPENSUSE-SU-2025:15624-1

OPENSUSE-SU-2025:15647-1

OPENSUSE-SU-2025:15654-1

OPENSUSE-SU-2025:15669-1

OPENSUSE-SU-2025:15689-1

OPENSUSE-SU-2025:15709-1

OPENSUSE-SU-2025:15722-1

OPENSUSE-SU-2025:15729-1

OPENSUSE-SU-2025:15730-1

OPENSUSE-SU-2025:15743-1

OPENSUSE-SU-2025:15779-1

OPENSUSE-SU-2025:15830-1

OPENSUSE-SU-2025:15852-1

OPENSUSE-SU-2025:15854-1

OPENSUSE-SU-2025:20118-1

OPENSUSE-SU-2025:20128-1

OPENSUSE-SU-2025:20143-1

OPENSUSE-SU-2025:20160-1

OPENSUSE-SU-2026:10173-1

OPENSUSE-SU-2026:20044-1

OPENSUSE-SU-2026:20058-1

OPENSUSE-SU-2026:20105-1

OPENSUSE-SU-2026:20132-1

OPENSUSE-SU-2026:20206-1

OPENSUSE-SU-2026:20318-1

OPENSUSE-SU-2026:20327-1

OPENSUSE-SU-2026:20654-1

OPENSUSE-SU-2026:20730-1

RHSA-2026:7291

RHSA-2026:7385

SUSE-SU-2025:21043-1

SUSE-SU-2025:21221-1

SUSE-SU-2025:4190-1

SUSE-SU-2025:4444-1

SUSE-SU-2025:4446-1

SUSE-SU-2025:4479-1

SUSE-SU-2025:4482-1

SUSE-SU-2025_4190-1

SUSE-SU-2026:0028-1

SUSE-SU-2026:0403-1

SUSE-SU-2026:0580-1

SUSE-SU-2026:20089-1

SUSE-SU-2026:20176-1

SUSE-SU-2026:20244-1

SUSE-SU-2026:20357-1

SUSE-SU-2026:20685-1

USN-8089-1

USN-8089-2

USN-8089-3

Affected Products

Linuxmint

Red Os

Ubuntu

Golang.Org/X/Net/Html

CVE-2025-47911

Weakness Enumeration

Related Identifiers

Affected Products

References · 507