VulnerableCode Package Details - pkg:deb/debian/golang-golang-x-net@1:0.11.0-1

Search for packages

Package details: pkg:deb/debian/golang-golang-x-net@1:0.11.0-1

Essentials
History (3)

purl	pkg:deb/debian/golang-golang-x-net@1:0.11.0-1
Tags	Ghost

Next non-vulnerable version	1:0.19.0+dfsg-1
Latest non-vulnerable version	1:0.19.0+dfsg-1
Risk	3.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-qujn-wrf7-aaaq Aliases: CVE-2023-3978 GHSA-2wrh-6pvc-2jm9	Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.	1:0.15.0-2 Affected by 0 other vulnerabilities. 1:0.19.0+dfsg-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-qujn-wrf7-aaaq
Aliases:
CVE-2023-3978
GHSA-2wrh-6pvc-2jm9

Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

1:0.15.0-2
Affected by 0 other vulnerabilities.

1:0.19.0+dfsg-1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-04-26T04:25:22.412711+00:00	Debian Importer	Affected by	VCID-qujn-wrf7-aaaq	None	34.0.0rc4
2024-01-12T13:53:38.307040+00:00	Debian Importer	Affected by	VCID-qujn-wrf7-aaaq	None	34.0.0rc2
2024-01-05T09:27:26.985482+00:00	Debian Importer	Affected by	VCID-qujn-wrf7-aaaq	None	34.0.0rc1