GO-2024-2534
- Source
- https://pkg.go.dev/vuln/GO-2024-2534
- Import Source
- https://vuln.go.dev/ID/GO-2024-2534.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2024-2534
- Aliases
-
- CVE-2023-32192
- GHSA-833m-37f7-jq55
- Published
- 2024-02-15T21:14:33Z
- Modified
- 2024-05-20T16:03:47Z
- Summary
- Unauthenticated cross-site scripting in github.com/rancher/apiserver
- Details
-
Unauthenticated cross-site scripting in github.com/rancher/apiserver
- Database specific
{ "url": "https://pkg.go.dev/vuln/GO-2024-2534", "review_status": "REVIEWED" }- References
-
- https://github.com/rancher/apiserver/security/advisories/GHSA-833m-37f7-jq55
- https://github.com/rancher/apiserver/commit/4df268e250f625fa323349062636496e0aeff4e4
- https://github.com/rancher/apiserver/commit/4e102cf0d07b1af3d10d82c3e5a751a869b8a6c7
- https://github.com/rancher/apiserver/commit/4fd7d821d952510bfe38c9d4a3e2a65157f50525
- https://github.com/rancher/apiserver/commit/69b3c2b56f3fa5a421889c533dada8cd08783cda
- https://github.com/rancher/apiserver/commit/97a10a30200cb851afd8ee85ee6b2295c4b6e5ee
- https://github.com/rancher/apiserver/commit/a3b9e3721c1b558ee63aec9594e37c223a5c8437
- Credits
-
-
- diego95root
-
- kujalamathias
-
Affected packages
Go / github.com/rancher/apiserver
Package
- Name
- github.com/rancher/apiserver
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/rancher/apiserver
Affected ranges
- Type
- SEMVER
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.0.0-20240207153957-4fd7d821d952
Ecosystem specific
{
"imports": [
{
"symbols": [
"HTMLResponseWriter.Write",
"HTMLResponseWriter.WriteList",
"HTMLResponseWriter.write"
],
"path": "github.com/rancher/apiserver/pkg/writer"
},
{
"symbols": [
"New",
"NewPrefixed",
"ParseRequestURL"
],
"path": "github.com/rancher/apiserver/pkg/urlbuilder"
}
]
}