Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Redhat.comRH:CVE-2023-39318

HistorySep 13, 2023 - 6:54 a.m.

Vulners
/
Redhatcve
/
CVE-2023-39318

CVE-2023-39318

2023-09-1306:54:11

redhat.com

access.redhat.com

golang

html/template

flaw

comment tokens

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

A flaw was found in Golang. The html/template package did not properly handle HMTL-like “” comment tokens, nor hashbang “#!” comment tokens, in

References

bugzilla.redhat.com/show_bug.cgi?id=2237776

go.dev/cl/526156

go.dev/issue/62196

groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ

nvd.nist.gov/vuln/detail/CVE-2023-39318

vuln.go.dev/ID/GO-2023-2041.json

www.cve.org/CVERecord?id=CVE-2023-39318

alpinelinux 1

veracode 2

osv 15

cbl_mariner 3

prion 1

nvd 1

ubuntucve 1

debiancve 1

cgr 1

cve 1

cvelist 1

vulnrichment 1

wolfi 1

nessus 48

ibm 18

openvas 11

redos 1

almalinux 6

redhat 33

photon 3

oraclelinux 6

amazon 1

freebsd 1

ubuntu 1

gentoo 1

oracle 1

alpinelinux

CVE-2023-39318

2023-09-08 17:15:27

veracode

Cross-Site Scripting (XSS)

2023-10-03 07:01:30

Cross-Site Scripting (XSS)

2023-10-02 20:15:16

osv

CGA-jh9g-37wg-xgw7

2024-06-06 12:26:06

CVE-2023-39318

2023-09-08 17:15:27

BIT-golang-2023-39318

2024-03-06 10:54:41

cbl_mariner

CVE-2023-39318 affecting package golang for versions less than 1.20.10-1

2024-10-01 22:11:46

CVE-2023-39318 affecting package golang for versions less than 1.20.10-1

2024-10-01 22:11:53

CVE-2023-39318 affecting package msft-golang for versions less than 1.20.10-1

2024-10-01 22:11:53

prion

Hardcoded credentials

2023-09-08 17:15:00

nvd

CVE-2023-39318

2023-09-08 17:15:27

ubuntucve

CVE-2023-39318

2023-09-08 00:00:00

debiancve

CVE-2023-39318

2023-09-08 17:15:27

cgr

CVE-2023-39318 vulnerabilities

2024-05-19 03:07:16

cve

CVE-2023-39318

2023-09-08 17:15:27

cvelist

CVE-2023-39318 Improper handling of HTML-like comments in script contexts in html/template

2023-09-08 16:13:24

vulnrichment

CVE-2023-39318 Improper handling of HTML-like comments in script contexts in html/template

2023-09-08 16:13:24

wolfi

CVE-2023-39318 vulnerabilities

2024-10-01 21:13:23

nessus

Oracle Linux 9 : podman (ELSA-2023-7765)

2023-12-15 00:00:00

Photon OS 5.0: Go PHSA-2023-5.0-0108

2024-07-24 00:00:00

Photon OS 3.0: Go PHSA-2023-3.0-0665

2024-07-24 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in Golang Go affect IBM CICS TX Advanced 11.1 and IBM CICS TX Standard 11.1 (CVE-2023-39318 and CVE-2023-39319).

2023-12-06 09:49:59

Security Bulletin: Vulnerabilities in Golang Go affect Cloud pak System [CVE-2023-39319, CVE-2023-39318]

2024-08-01 18:47:05

Security Bulletin: Operations Dashboard is vulnerable to remote code execution and cross-site scripting due to Go CVE-2023-39319, CVE-2023-39323, CVE-2023-39318

2024-01-11 16:40:11

openvas

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3700-1)

2024-03-04 00:00:00

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3840-1)

2024-03-04 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-3213)

2023-11-10 00:00:00

redos

ROS-20241001-02

2024-10-01 00:00:00

almalinux

Moderate: toolbox security update

2024-04-30 00:00:00

Moderate: buildah security update

2023-12-12 00:00:00

Moderate: containernetworking-plugins security update

2023-12-12 00:00:00

redhat

(RHSA-2024:2160) Moderate: toolbox security update

2024-04-30 06:14:54

(RHSA-2023:7762) Moderate: skopeo security update

2023-12-12 16:42:25

(RHSA-2023:7765) Moderate: podman security update

2023-12-12 16:42:34

photon

Important Photon OS Security Update - PHSA-2023-3.0-0665

2023-10-10 00:00:00

Important Photon OS Security Update - PHSA-2023-5.0-0108

2023-10-05 00:00:00

Moderate Photon OS Security Update - PHSA-2023-4.0-0484

2023-10-05 00:00:00

oraclelinux

buildah security update

2023-12-14 00:00:00

skopeo security update

2023-12-13 00:00:00

containernetworking-plugins security update

2023-12-13 00:00:00

amazon

Important: golang

2023-10-16 13:45:00

freebsd

go -- multiple vulnerabilities

2023-09-06 00:00:00

ubuntu

Go vulnerabilities

2024-01-11 00:00:00

gentoo

Go: Multiple Vulnerabilities

2023-11-25 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

Related for RH:CVE-2023-39318