26 matches found
EUVD-2023-43050
Malicious code in bioql PyPI...
Improper handling of special tags within script contexts in html/template
...
Improper handling of HTML-like comments in script contexts in html/template
...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
golang: html/template: improper handling of HTML-like comments within script contexts
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...
BIT-GOLANG-2023-39318 Improper handling of HTML-like comments in script contexts in html/template
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...
BIT-GOLANG-2023-39319 Improper handling of special tags within script contexts in html/template
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...
Oracle Linux 9 : containernetworking-plugins (ELSA-2023-7766)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7766 advisory. - rebuild for following CVEs: CVE-2023-29409 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 Tenable has extracted the preceding descriptio...
Moderate: Red Hat Security Advisory: skopeo security update
An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
ALSA-2023:7762 Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-29409 golang: html/template:...
Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: crypto/tls: slow verification of certificate chains containing large RSA keys...
golang: html/template: improper handling of HTML-like comments within script contexts
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...
CVE-2023-39318
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...
CVE-2023-39319 Improper handling of special tags within script contexts in html/template
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...
CVE-2023-39319
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...
CVE-2023-39319 Improper handling of special tags within script contexts in html/template
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...
CVE-2023-39318
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...
CVE-2023-39318 Improper handling of HTML-like comments in script contexts in html/template
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...
CVE-2023-39318 Improper handling of HTML-like comments in script contexts in html/template
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...