Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

CPENameOperatorVersion
networkinglt0.13.0

CPE	Name	Operator	Version
	networking	lt	0.13.0

References

go.dev/cl/514896

go.dev/issue/61615

pkg.go.dev/vuln/GO-2023-1988

nessus 27

redhatcve 1

redhat 19

cbl_mariner 4

veracode 1

redos 1

cvelist 1

osv 6

cgr 1

cve 1

ubuntucve 1

nvd 1

github 1

debiancve 1

wolfi 1

amazon 3

ibm 8

almalinux 3

oraclelinux 3

nessus

Fedora 40 : rclone (2023-ff1e594f3d)

2024-04-29 00:00:00

Fedora 40 : caddy (2023-57b1499122)

2024-04-29 00:00:00

Fedora 40 : golang-github-onsi-ginkgo-2 (2023-c4b597d917)

2024-04-29 00:00:00

redhatcve

CVE-2023-3978

2023-08-07 05:49:01

redhat

(RHSA-2024:0944) Moderate: OpenShift Container Platform 4.14.14 packages and security update

2024-02-28 00:25:30

(RHSA-2023:7216) Moderate: Red Hat OpenShift Service Mesh Containers for 2.4.5

2023-11-15 00:15:54

(RHSA-2023:7315) Important: OpenShift Container Platform 4.14.3 bug fix and security update

2023-11-21 09:25:58

cbl_mariner

CVE-2023-3978 affecting package telegraf for versions less than 1.29.4-1

2024-04-17 22:02:46

CVE-2023-3978 affecting package telegraf for versions less than 1.27.4-1

2023-11-17 23:23:29

CVE-2023-3978 affecting package packer for versions less than 1.10.1-1

2024-04-12 05:06:27

veracode

Cross-Site Scripting (XSS)

2023-08-04 04:52:36

redos

ROS-20240408-02

2024-04-08 00:00:00

cvelist

CVE-2023-3978 Improper rendering of text nodes in golang.org/x/net/html

2023-08-02 19:48:56

osv

Improper rendering of text nodes in golang.org/x/net/html

2023-08-02 21:30:20

CVE-2023-3978

2023-08-02 20:15:12

Improper rendering of text nodes in golang.org/x/net/html

2023-08-02 15:06:27

cgr

CVE-2023-3978 vulnerabilities

2024-05-19 03:07:16

cve

CVE-2023-3978

2023-08-02 20:15:12

ubuntucve

CVE-2023-3978

2023-08-02 00:00:00

nvd

CVE-2023-3978

2023-08-02 20:15:12

github

Improper rendering of text nodes in golang.org/x/net/html

2023-08-02 21:30:20

debiancve

CVE-2023-3978

2023-08-02 20:15:12

wolfi

CVE-2023-3978 vulnerabilities

2024-07-01 09:08:36

amazon

Important: nerdctl

2023-11-09 19:19:00

Important: cri-tools

2024-02-01 19:57:00

Important: amazon-ssm-agent

2023-10-12 15:09:00

ibm

Security Bulletin: Multiple vulnerabilities affect IBM CICS TX Advanced 11.1 and IBM CICS TX Standard 11.1 (CVE-2023-3978, CVE-2023-44487 and CVE-2023-39325).

2023-12-06 09:46:53

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

2024-06-25 10:55:14

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from shadow-utils, procps-ng, containerd, urllib3, nghttp2 and Golang

2023-12-15 07:45:06

almalinux

Moderate: podman security, bug fix, and enhancement update

2023-11-07 00:00:00

Moderate: container-tools:4.0 security and bug fix update

2023-11-14 00:00:00

Moderate: container-tools:rhel8 security and bug fix update

2023-11-14 00:00:00

oraclelinux

podman security, bug fix, and enhancement update

2023-11-11 00:00:00

container-tools:4.0 security and bug fix update

2023-11-18 00:00:00

container-tools:ol8 security and bug fix update

2023-11-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.8%

JSON

Related for PRION:CVE-2023-3978