CVE-2023-3978
02.08.2023, 20:15
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| golang | networking | 𝑥 < 0.13.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| containerd |
| ||||||||||||||||||
| golang-golang-x-net |
| ||||||||||||||||||
| golang-golang-x-net-dev |
| ||||||||||||||||||
| google-guest-agent |
|
Red Hat Enterprise Linux Releases
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| amazon-ssm-agent |
| ||||
| amazon-ssm-agent-debuginfo |
| ||||
| amazon-ssm-agent-debugsource |
| ||||
| cri-tools |
| ||||
| cri-tools-debuginfo |
| ||||
| ecs-init |
| ||||
| nerdctl |
| ||||
| nerdctl-debuginfo |
|
Azure Linux Releases
Azure Package | |||||
|---|---|---|---|---|---|
| application-gateway-kubernetes-ingress |
| ||||
| cert-manager |
| ||||
| cni-plugins |
| ||||
| containerized-data-importer |
| ||||
| kubevirt |
| ||||
| multus |
| ||||
| packer |
| ||||
| podman |
| ||||
| prometheus-adapter |
| ||||
| telegraf |
| ||||
| vitess |
|