Google Git
Sign in
go / vulndb / 878e33a2036b83c7eb654333e0e6bf3b3d03d0d7 / . / data / osv / GO-2024-2534.json
blob: 2f3f6a353303d14b190428e352106800bb5d16bd [file] [log] [blame]
{
"schema_version": "1.3.1",
"id": "GO-2024-2534",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2023-32192",
"GHSA-833m-37f7-jq55"
],
"summary": "Unauthenticated cross-site scripting in github.com/rancher/apiserver",
"details": "Unauthenticated cross-site scripting in github.com/rancher/apiserver",
"affected": [
{
"package": {
"name": "github.com/rancher/apiserver",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-20240207153957-4fd7d821d952"
}
]
}
],
"ecosystem_specific": {
"imports": [
{
"path": "github.com/rancher/apiserver/pkg/writer",
"symbols": [
"HTMLResponseWriter.Write",
"HTMLResponseWriter.WriteList",
"HTMLResponseWriter.write"
]
},
{
"path": "github.com/rancher/apiserver/pkg/urlbuilder",
"symbols": [
"New",
"NewPrefixed",
"ParseRequestURL"
]
}
]
}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/rancher/apiserver/security/advisories/GHSA-833m-37f7-jq55"
},
{
"type": "FIX",
"url": "https://github.com/rancher/apiserver/commit/4df268e250f625fa323349062636496e0aeff4e4"
},
{
"type": "FIX",
"url": "https://github.com/rancher/apiserver/commit/4e102cf0d07b1af3d10d82c3e5a751a869b8a6c7"
},
{
"type": "FIX",
"url": "https://github.com/rancher/apiserver/commit/4fd7d821d952510bfe38c9d4a3e2a65157f50525"
},
{
"type": "FIX",
"url": "https://github.com/rancher/apiserver/commit/69b3c2b56f3fa5a421889c533dada8cd08783cda"
},
{
"type": "FIX",
"url": "https://github.com/rancher/apiserver/commit/97a10a30200cb851afd8ee85ee6b2295c4b6e5ee"
},
{
"type": "FIX",
"url": "https://github.com/rancher/apiserver/commit/a3b9e3721c1b558ee63aec9594e37c223a5c8437"
}
],
"credits": [
{
"name": "diego95root"
},
{
"name": "kujalamathias"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2534"
}
}