Lucene search
GoCVELIST:CVE-2023-3978HistoryAug 02, 2023 - 7:48 p.m.
CVE-2023-3978 Improper rendering of text nodes in golang.org/x/net/html
2023-08-0219:48:56
Go
www.cve.org
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
CNA Affected
[
{
"vendor": "golang.org/x/net",
"product": "golang.org/x/net/html",
"collectionURL": "https://pkg.go.dev",
"packageName": "golang.org/x/net/html",
"versions": [
{
"version": "0",
"lessThan": "0.13.0",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "render1"
},
{
"name": "Render"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Design/Logic Flaw
2023-08-02 20:15:00
cbl_mariner
cbl_mariner
CVE-2023-3978 affecting package telegraf for versions less than 1.29.4-1
2024-04-17 22:02:46
CVE-2023-3978 affecting package packer for versions less than 1.10.1-1
2024-04-12 05:06:27
CVE-2023-3978 affecting package kubevirt for versions less than 1.2.0-1
2024-04-17 22:02:46
veracode
veracode
Cross-Site Scripting (XSS)
2023-08-04 04:52:36
redos
redos
ROS-20240408-02
2024-04-08 00:00:00
nessus
nessus
Fedora 40 : golang-github-onsi-ginkgo-2 (2023-c4b597d917)
2024-04-29 00:00:00
RHEL 8 / 9 : OpenShift Container Platform 4.14.14 (RHSA-2024:0944)
2024-02-27 00:00:00
Amazon Linux 2023 : ecs-init (ALAS2023-2024-476)
2024-01-08 00:00:00
cve
cve
CVE-2023-3978
2023-08-02 20:15:12
osv
osv
CVE-2023-3978
2023-08-02 20:15:12
Improper rendering of text nodes in golang.org/x/net/html
2023-08-02 21:30:20
Improper rendering of text nodes in golang.org/x/net/html
2023-08-02 15:06:27
redhatcve
redhatcve
CVE-2023-3978
2023-08-07 05:49:01
redhat
redhat
cgr
cgr
CVE-2023-3978 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2023-3978
2023-08-02 20:15:12
github
github
Improper rendering of text nodes in golang.org/x/net/html
2023-08-02 21:30:20
ubuntucve
ubuntucve
CVE-2023-3978
2023-08-02 00:00:00
nvd
nvd
CVE-2023-3978
2023-08-02 20:15:12
wolfi
wolfi
CVE-2023-3978 vulnerabilities
2024-06-09 15:34:28
amazon
amazon
Important: nerdctl
2023-11-09 19:19:00
Important: cri-tools
2024-02-01 19:57:00
Important: amazon-ssm-agent
2023-10-12 15:09:00
ibm
ibm
oraclelinux
oraclelinux
podman security, bug fix, and enhancement update
2023-11-11 00:00:00
container-tools:4.0 security and bug fix update
2023-11-18 00:00:00
container-tools:ol8 security and bug fix update
2023-11-18 00:00:00
almalinux
almalinux
Moderate: podman security, bug fix, and enhancement update
2023-11-07 00:00:00
Moderate: container-tools:4.0 security and bug fix update
2023-11-14 00:00:00
Moderate: container-tools:rhel8 security and bug fix update
2023-11-14 00:00:00