6 matches found
CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...
CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...
CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available...
AZL-26615 CVE-2023-29400 affecting package golang for versions less than 1.20.7-1
Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...
AZL-52878 CVE-2023-24534 affecting package golang for versions less than 1.20.7-1
HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than requir...