[ALPINE:CVE-2023-24539] go vulnerability

Severity High

Affected Packages 22

Fixed Packages 22

CVEs 1

[From CVE-2023-24539] Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

Package	Affected Version
pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	< 1.19.9-r0

Package	Fixed Version
pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	= 1.19.9-r0

ID

ALPINE:CVE-2023-24539

Severity

high

Severity from

CVE-2023-24539

URL

https://security.alpinelinux.org/vuln/CVE-2023-24539

Published

2023-05-11T16:15:09
(16 months ago)

Modified

2023-05-11T16:15:09
(16 months ago)

Rights

Alpine Linux Security Team

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Fixed	pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	x86_64
Affected	pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	x86_64
Fixed	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	x86_64
Affected	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	x86_64
Fixed	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	x86_64
Affected	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	x86_64
Fixed	pkg:apk/alpine/go?arch=x86&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	x86
Affected	pkg:apk/alpine/go?arch=x86&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	x86
Fixed	pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	x86
Affected	pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	x86
Fixed	pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	x86
Affected	pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	x86
Fixed	pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	s390x
Affected	pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	s390x
Fixed	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	s390x
Affected	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	s390x
Fixed	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	s390x
Affected	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	s390x
Fixed	pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	riscv64
Affected	pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	riscv64
Fixed	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	ppc64le
Affected	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	ppc64le
Fixed	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	ppc64le
Affected	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	ppc64le
Fixed	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	ppc64le
Affected	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	ppc64le
Fixed	pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	armv7
Affected	pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	armv7
Fixed	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	armv7
Affected	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	armv7
Fixed	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	armv7
Affected	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	armv7
Fixed	pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	armhf
Affected	pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	armhf
Fixed	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	armhf
Affected	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	armhf
Fixed	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	armhf
Affected	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	armhf
Fixed	pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	aarch64
Affected	pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	aarch64
Fixed	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	aarch64
Affected	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	aarch64
Fixed	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	aarch64
Affected	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date