FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-20 14:15:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
78f2e491-312d-11ee-85f2-bd89b893fcb4go -- multiple vulnerabilities

The Go project reports:

crypto/tls: restrict RSA keys in certificates to <= 8192 bits

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. Limit this by restricting the size of RSA keys transmitted during handshakes to <= 8192 bits.

net/http: insufficient sanitization of Host header

The HTTP/1 client did not fully validate the contents of the Host header. A maliciously crafted Host header could inject additional headers or entire requests. The HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.

cmd/go: cgo code injection

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo.

runtime: unexpected behavior of setuid/setgid binaries

The Go runtime didn't act any differently when a binary had the setuid/setgid bit set. On Unix platforms, if a setuid/setgid binary was executed with standard I/O file descriptors closed, opening any files could result in unexpected content being read/written with elevated prilieges. Similarly if a setuid/setgid program was terminated, either via panic or signal, it could leak the contents of its registers.

cmd/go: improper sanitization of LDFLAGS

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive.

html/template: improper sanitization of CSS values

Angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input.

html/template: improper handling of JavaScript whitespace

Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

html/template: improper handling of empty HTML attributes

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input could result in output that would have unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.


Discovery 2023-04-27
Entry 2023-08-02
go119
< 1.19.12

go120
< 1.20.7

CVE-2023-29406
CVE-2023-29402
CVE-2023-29403
CVE-2023-29404
CVE-2023-24539
CVE-2023-24540
CVE-2023-29400
https://groups.google.com/u/1/g/golang-announce/c/X0b6CsSAaYI
https://groups.google.com/u/1/g/golang-announce/c/2q13H6LEEx0
https://groups.google.com/u/1/g/golang-announce/c/q5135a9d924
https://groups.google.com/u/1/g/golang-announce/c/MEb0UyuSMsU