Oracle Linux 9 : containernetworking-plugins (ELSA-2023-7766)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7766 advisory. - rebuild for following CVEs: CVE-2023-29409 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 Tenable has extracted the preceding descriptio...

Cross-Site Scripting (XSS)

html/template is vulnerable to Cross-Site Scripting XSS attacks. The vulnerability exists because the package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.20 (SUSE-SU-2023:3700-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3700-1 advisory. - The html/template package does not properly handle HTML-like comment tokens, nor hashbang !...

CVE-2023-39318

The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...