Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:3319

Опубликовано: 25 мая 2023
Источник: rocky
Оценка: Important

Описание

Important: go-toolset:Rocky Linux8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

Security Fix(es):

  • golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
golang-docsnoarch1.module+el8.8.0+1298+7af20600golang-docs-1.19.9-1.module+el8.8.0+1298+7af20600.noarch.rpm
golang-miscnoarch1.module+el8.8.0+1298+7af20600golang-misc-1.19.9-1.module+el8.8.0+1298+7af20600.noarch.rpm
golang-srcnoarch1.module+el8.8.0+1298+7af20600golang-src-1.19.9-1.module+el8.8.0+1298+7af20600.noarch.rpm
golang-testsnoarch1.module+el8.8.0+1298+7af20600golang-tests-1.19.9-1.module+el8.8.0+1298+7af20600.noarch.rpm
delvex86_641.module+el8.8.0+1263+19d1a562delve-1.9.1-1.module+el8.8.0+1263+19d1a562.x86_64.rpm
golangx86_641.module+el8.8.0+1298+7af20600golang-1.19.9-1.module+el8.8.0+1298+7af20600.x86_64.rpm
golang-binx86_641.module+el8.8.0+1298+7af20600golang-bin-1.19.9-1.module+el8.8.0+1298+7af20600.x86_64.rpm
golang-docsnoarch1.module+el8.8.0+1298+7af20600golang-docs-1.19.9-1.module+el8.8.0+1298+7af20600.noarch.rpm
golang-miscnoarch1.module+el8.8.0+1298+7af20600golang-misc-1.19.9-1.module+el8.8.0+1298+7af20600.noarch.rpm
golang-racex86_641.module+el8.8.0+1298+7af20600golang-race-1.19.9-1.module+el8.8.0+1298+7af20600.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-24540

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-24540

CVSS3: 9.8
ubuntu
больше 2 лет назад

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

redhat логотип

CVE-2023-24540

CVSS3: 8.1
redhat
больше 2 лет назад

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

nvd логотип

CVE-2023-24540

CVSS3: 9.8
nvd
больше 2 лет назад

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

msrc логотип

CVE-2023-24540

CVSS3: 9.8
msrc
3 месяца назад

Improper handling of JavaScript whitespace in html/template

debian логотип

CVE-2023-24540

CVSS3: 9.8
debian
больше 2 лет назад

Not all valid JavaScript whitespace characters are considered to be wh ...