| module: golang.org/x/text |
| package: golang.org/x/text/language |
| versions: |
| - fixed: v0.3.7 |
| description: | |
| Due to improper index calculation, an incorrectly formatted language tag can cause Parse |
| to panic, due to an out of bounds read. If Parse is used to process untrusted user inputs, |
| this may be used as a vector for a denial of service attack. |
| cve: CVE-2021-38561 |
| credit: Guido Vranken |
| symbols: |
| - Parse |
| published: 2021-10-06T12:00:00Z |
| links: |
| commit: https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f |
| pr: https://go-review.googlesource.com/c/text/+/340830 |