EPSS
Percentile
65.1%
The html package (aka x/net/html) through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
bugzilla.redhat.com/show_bug.cgi?id=1639109
www.cve.org/CVERecord?id=CVE-2018-17846 https://nvd.nist.gov/vuln/detail/CVE-2018-17846