[ALPINE:CVE-2023-29400] go vulnerability

Severity High

Affected Packages 22

Fixed Packages 22

CVEs 1

[From CVE-2023-29400] Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

Package	Affected Version
pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	< 1.19.9-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	< 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	< 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	< 1.19.9-r0

Package	Fixed Version
pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	= 1.19.9-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	= 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	= 1.20.4-r0
pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	= 1.19.9-r0

ID

ALPINE:CVE-2023-29400

Severity

high

Severity from

CVE-2023-29400

URL

https://security.alpinelinux.org/vuln/CVE-2023-29400

Published

2023-05-11T16:15:09
(16 months ago)

Modified

2023-05-11T16:15:09
(16 months ago)

Rights

Alpine Linux Security Team

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Fixed	pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	x86_64
Affected	pkg:apk/alpine/go?arch=x86_64&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	x86_64
Fixed	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	x86_64
Affected	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	x86_64
Fixed	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	x86_64
Affected	pkg:apk/alpine/go?arch=x86_64&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	x86_64
Fixed	pkg:apk/alpine/go?arch=x86&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	x86
Affected	pkg:apk/alpine/go?arch=x86&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	x86
Fixed	pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	x86
Affected	pkg:apk/alpine/go?arch=x86&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	x86
Fixed	pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	x86
Affected	pkg:apk/alpine/go?arch=x86&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	x86
Fixed	pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	s390x
Affected	pkg:apk/alpine/go?arch=s390x&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	s390x
Fixed	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	s390x
Affected	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	s390x
Fixed	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	s390x
Affected	pkg:apk/alpine/go?arch=s390x&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	s390x
Fixed	pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	riscv64
Affected	pkg:apk/alpine/go?arch=riscv64&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	riscv64
Fixed	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	ppc64le
Affected	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	ppc64le
Fixed	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	ppc64le
Affected	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	ppc64le
Fixed	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	ppc64le
Affected	pkg:apk/alpine/go?arch=ppc64le&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	ppc64le
Fixed	pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	armv7
Affected	pkg:apk/alpine/go?arch=armv7&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	armv7
Fixed	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	armv7
Affected	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	armv7
Fixed	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	armv7
Affected	pkg:apk/alpine/go?arch=armv7&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	armv7
Fixed	pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	armhf
Affected	pkg:apk/alpine/go?arch=armhf&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	armhf
Fixed	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	armhf
Affected	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	armhf
Fixed	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	armhf
Affected	pkg:apk/alpine/go?arch=armhf&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	armhf
Fixed	pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	alpine	go	= 1.20.4-r0	alpine-edge	aarch64
Affected	pkg:apk/alpine/go?arch=aarch64&distro=alpine-edge	alpine	go	< 1.20.4-r0	alpine-edge	aarch64
Fixed	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	alpine	go	= 1.20.4-r0	alpine-3.18	aarch64
Affected	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.18	alpine	go	< 1.20.4-r0	alpine-3.18	aarch64
Fixed	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	alpine	go	= 1.19.9-r0	alpine-3.17	aarch64
Affected	pkg:apk/alpine/go?arch=aarch64&distro=alpine-3.17	alpine	go	< 1.19.9-r0	alpine-3.17	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date