Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALASECS-2023-019

Related Vulnerabilities: CVE-2023-24538   CVE-2023-24540   CVE-2023-39325  

Templates did not properly consider backticks (`) as Javascript string delimiters, and as such didnot escape them as expected. Backticks are used, since ES6, for JS template literals. If a templatecontained a Go template action within a Javascript template literal, the contents of the action couldbe used to terminate the literal, injecting arbitrary Javascript code into the Go template. (CVE-2023-24538) html/template: improper handling of JavaScript whitespace. Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. (CVE-2023-24540) The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-39325)

Source

ALASECS-2023-019

Amazon Linux 2 Security Advisory: ALASECS-2023-019
Advisory Release Date: 2023-10-31 00:17 Pacific
Advisory Updated Date: 2023-11-01 00:49 Pacific
Severity: Important
Issue Overview:

Templates did not properly consider backticks (`) as Javascript string delimiters, and as such did
not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template
contained a Go template action within a Javascript template literal, the contents of the action could
be used to terminate the literal, injecting arbitrary Javascript code into the Go template. (CVE-2023-24538)

html/template: improper handling of JavaScript whitespace.

Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. (CVE-2023-24540)

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-39325)


Affected Packages:

docker


Issue Correction:
Run yum update docker to update your system.

New Packages:
aarch64:
    docker-20.10.25-1.amzn2.0.3.aarch64
    docker-debuginfo-20.10.25-1.amzn2.0.3.aarch64

src:
    docker-20.10.25-1.amzn2.0.3.src

x86_64:
    docker-20.10.25-1.amzn2.0.3.x86_64
    docker-debuginfo-20.10.25-1.amzn2.0.3.x86_64

Additional References

Red Hat: CVE-2023-24538, CVE-2023-24540, CVE-2023-39325

Mitre: CVE-2023-24538, CVE-2023-24540, CVE-2023-39325

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started