Upstream information

CVE-2018-17848 at MITRE

Description

The html package (aka x/net/html) through 2018-09-25 in Go mishandles