Showing 1 - 12 of 12

CVE-2023-39318

Status Candidate

Overview

The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.

Related Files

Red Hat Security Advisory 2024-3467-03: Posted May 30, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3467-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 on Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | e9cee77eb5e84d1ebda562c86a74fcdee76f777941f932eaef8175320f8e5abe; Download | Favorite | View

Red Hat Security Advisory 2024-3352-03: Posted May 24, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3352-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.2. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | b6f05073bd63a1afd32e8d1a0c60f4c63ddfb7614ff04c8ed3b99831973faa34; Download | Favorite | View

Red Hat Security Advisory 2024-2160-03: Posted Apr 30, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2160-03 - An update for toolbox is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | c8d61c7795041e610ddcba8110d59ad4885b82b91d49c53fb5a67a47815eb6d5; Download | Favorite | View

Red Hat Security Advisory 2024-1901-03: Posted Apr 18, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | bf7cf6d6fa915b2733b85e8d1e76d765cad3f8214eae02a05f9c286f01f5edf4; Download | Favorite | View

Ubuntu Security Notice USN-6574-1: Posted Jan 11, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6574-1 - Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time.; tags | advisory, arbitrary, javascript, xss; systems | linux, ubuntu; advisories | CVE-2023-39318, CVE-2023-39323, CVE-2023-39326, CVE-2023-45285; SHA-256 | b8c2a5761a1b9b637336f2af66c0577c0e91e5d6928b1d69d773c8f5060e8589; Download | Favorite | View

Red Hat Security Advisory 2023-6154-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6154-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.2.0. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | a1b8ec594719d6cd2560237e911ffeb2faf21a86e517fdfd06afd2303e08fe8e; Download | Favorite | View

Red Hat Security Advisory 2023-6202-01: Posted Oct 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6202-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.8 General Availability release images, which provide security updates and fix bugs. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | 82527535751300355c14cd7d80309cf4c22a7859261d57a33f14a6d1126d4b71; Download | Favorite | View

Red Hat Security Advisory 2023-6200-01: Posted Oct 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6200-01 - The multicluster engine for Kubernetes 2.1.9 General Availability release images, which contains security fixes and update container images. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | 247d7f523bbca7b63e1185ab1bbb72da689d1d9d6b5c6ec0c2d7d8efa55e9f31; Download | Favorite | View

Red Hat Security Advisory 2023-6148-01: Posted Oct 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6148-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.9 General Availability release images, which provide security updates and fix bugs. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | 7328757d0b982e2a9eacd4be6d01b3decdf0c7d25fbb2e5abe1c69826cfc1546; Download | Favorite | View

Red Hat Security Advisory 2023-6145-01: Posted Oct 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6145-01 - Multicluster Engine for Kubernetes 2.2.9 General Availability release images, which contain security updates and fix bugs. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | 5a6bac934517513689ce8c35be2231b40eaefa64701a973160b85e64e6488b2c; Download | Favorite | View

Red Hat Security Advisory 2023-6122-01: Posted Oct 26, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6122-01 - Red Hat Advanced Cluster Management for Kubernetes 2.8.3 General Availability release images, which provide security updates and fix bugs. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | 6173a1e5fc7016d0d1669ab243a9199392d3d5ea7c1f6f2c3294f1307f8888a1; Download | Favorite | View

Red Hat Security Advisory 2023-6119-01: Posted Oct 26, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6119-01 - Multicluster Engine for Kubernetes 2.3.3 General Availability release images, which contain security updates and fix bugs. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39318; SHA-256 | 219b793374f8f662f06210f2b7a5afc74a0d9c8a4d6aee8f3458c9bae72f2a3d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
indoushka 159 files
Jay Turla 150 files
Ubuntu 64 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,120)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,142)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,780)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

CVE-2023-39318

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems