VYPR

rpm package

suse/go1.21&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5

pkg:rpm/suse/go1.21&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5

Vulnerabilities (22)

  • CVE-2023-39319MedSep 8, 2023
    affected < 1.21.1-150000.1.6.1fixed 1.21.1-150000.1.6.1

    The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be

  • CVE-2023-39318MedSep 8, 2023
    affected < 1.21.1-150000.1.6.1fixed 1.21.1-150000.1.6.1

    The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may

Page 2 of 2

VYPR — Vulnerability Intelligence