5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-43370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This...
CVE-2024-43370
gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this...
DEBIAN-CVE-2024-43370
gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this...
UBUNTU-CVE-2024-43370
gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this...
GHSA-VWHG-JWR4-VXGG gettext.js has a Cross-site Scripting injection
Impact Possible vulnerability to XSS injection if .po dictionary definition files is corrupted Patches Update gettext.js to 2.0.3 Workarounds Make sure you control the origin of the definition catalog to prevent the use of this flaw in the definition of plural forms...