Lucene search
GoogleOSV:BIT-GOLANG-2024-24785HistoryMar 12, 2024 - 8:24 a.m.
BIT-golang-2024-24785
2024-03-1208:24:09
Google
osv.dev
15
marshaljson
auto-escaping
html/template
unexpected content
software
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
Related
alpinelinux
alpinelinux
CVE-2024-24785
2024-03-05 23:15:07
veracode
veracode
Sensitive Information Disclosure
2024-03-17 17:29:23
cgr
cgr
CVE-2024-24785 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2024-24785
2024-03-05 23:15:07
prion
prion
Design/Logic Flaw
2024-03-05 23:15:00
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2024-24785
2024-03-05 00:00:00
redhatcve
redhatcve
CVE-2024-24785
2024-03-06 03:33:41
wolfi
wolfi
CVE-2024-24785 vulnerabilities
2024-06-28 09:08:32
cbl_mariner
cbl_mariner
CVE-2024-24785 affecting package golang for versions less than 1.21.6-1
2024-06-28 09:08:31
nvd
nvd
CVE-2024-24785
2024-03-05 23:15:07
cve
cve
CVE-2024-24785
2024-03-05 23:15:07
osv
osv
Errors returned from JSON marshaling may break template escaping in html/template
2024-03-05 22:15:40
Important: go-toolset:rhel8 security update
2024-06-14 13:59:30
Important: go-toolset:rhel8 security update
2024-05-22 00:00:00
nessus
nessus
Golang < 1.21.8, 1.22.x < 1.22.1 Multiple Vulnerabilities
2024-03-07 00:00:00
EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1567)
2024-05-09 00:00:00
EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1589)
2024-05-09 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1589)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1567)
2024-05-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0811-1)
2024-03-11 00:00:00
redos
redos
ROS-20240422-05
2024-04-22 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2024-03-05 00:00:00
rocky
rocky
go-toolset:rhel8 security update
2024-06-14 13:59:30
golang security update
2024-05-10 14:32:42
redhat
redhat
(RHSA-2024:3259) Important: go-toolset:rhel8 security update
2024-05-22 10:41:22
(RHSA-2024:2562) Important: golang security update
2024-04-30 11:38:52
oraclelinux
oraclelinux
go-toolset:ol8 security update
2024-05-29 00:00:00
golang security update
2024-05-07 00:00:00
almalinux
almalinux
Important: go-toolset:rhel8 security update
2024-05-22 00:00:00
Important: golang security update
2024-04-30 00:00:00
amazon
amazon
Medium: golang
2024-05-23 22:04:00
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.4%
Related for OSV:BIT-GOLANG-2024-24785