CVE-2023-24539

ADVISORY - nist

Summary

Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

EPSS Score⁠: 0.00902 (0.731)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-74⁠

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-94⁠

Improper Control of Generation of Code ('Code Injection')

ADVISORY - redhat

CWE-176⁠

Improper Handling of Unicode Encoding

Impacted images

Advisories

GoLang

CREATED

2 years ago

UPDATED

10 months ago

ADVISORY IDGO-2023-1751⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
stdlib	golang	-	-	<1.19.9	1.19.9
stdlib	golang	-	-	>=1.20.0-0,<1.20.4	1.20.4

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

2 years ago

UPDATED

2 months ago

ADVISORY IDCVE-2023-24539⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-74⁠CWE-94⁠

CVSS SCORE

7.3high

Alpine

CREATED

2 years ago

UPDATED

24 days ago

ADVISORY IDCVE-2023-24539⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

2 years ago

UPDATED

17 days ago

ADVISORY IDCVE-2023-24539⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

2 years ago

UPDATED

17 days ago

ADVISORY IDCVE-2023-24539⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.3medium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6346⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6363⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6402⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6473⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6474⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6938⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:6939⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS-2023-1760⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2-2023-2052⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2023-2023-209⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

BIT-2023-24539

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY ID

BIT-golang-2023-24539

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.3high

Red Hat

CREATED

2 years ago

UPDATED

11 days ago

ADVISORY IDCVE-2023-24539⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-176⁠

CVSS SCORE

7.3medium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-6363⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-6402⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-6473⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-6474⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-6938⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-6939⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-2jmc-7fpv-2hp8

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

CGA-4xhc-r97c-m383

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

CGA-fxrv-mppc-gxqv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

CGA-g846-mh99-gv44

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY