Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS-2023-1760

Related Vulnerabilities: CVE-2023-24539   CVE-2023-24540   CVE-2023-29400  

html/template: improper sanitization of CSS values Angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input. (CVE-2023-24539) html/template: improper handling of JavaScript whitespace. Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. (CVE-2023-24540) html/template: improper handling of empty HTML attributes. Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input could result in output that would have unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. (CVE-2023-29400)

Source

ALAS-2023-1760

Amazon Linux AMI Security Advisory: ALAS-2023-1760
Advisory Release Date: 2023-06-05 16:39 Pacific
Advisory Updated Date: 2023-06-08 23:39 Pacific
Severity: Important
Issue Overview:

html/template: improper sanitization of CSS values

Angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input. (CVE-2023-24539)

html/template: improper handling of JavaScript whitespace.

Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. (CVE-2023-24540)

html/template: improper handling of empty HTML attributes.

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input could result in output that would have unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. (CVE-2023-29400)


Affected Packages:

golang


Issue Correction:
Run yum update golang to update your system.

New Packages:
i686:
    golang-shared-1.18.6-1.44.amzn1.i686
    golang-bin-1.18.6-1.44.amzn1.i686
    golang-1.18.6-1.44.amzn1.i686

noarch:
    golang-misc-1.18.6-1.44.amzn1.noarch
    golang-docs-1.18.6-1.44.amzn1.noarch
    golang-src-1.18.6-1.44.amzn1.noarch
    golang-tests-1.18.6-1.44.amzn1.noarch

src:
    golang-1.18.6-1.44.amzn1.src

x86_64:
    golang-bin-1.18.6-1.44.amzn1.x86_64
    golang-shared-1.18.6-1.44.amzn1.x86_64
    golang-race-1.18.6-1.44.amzn1.x86_64
    golang-1.18.6-1.44.amzn1.x86_64

Additional References

Red Hat: CVE-2023-24539, CVE-2023-24540, CVE-2023-29400

Mitre: CVE-2023-24539, CVE-2023-24540, CVE-2023-29400

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started