Vulnerability Database
Blog
FAQ
Docs
GO-2024-2675
See a problem?
Source
https://pkg.go.dev/vuln/GO-2024-2675
Import Source
https://vuln.go.dev/ID/GO-2024-2675.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2024-2675
Aliases
CVE-2024-2435
GHSA-8f25-w7qj-r7hc
Published
2024-06-04T15:19:21Z
Modified
2024-06-28T15:28:40Z
Summary
Temporal UI Server cross-site scripting vulnerability in github.com/temporalio/ui-server
Details
Temporal UI Server cross-site scripting vulnerability in github.com/temporalio/ui-server
References
https://github.com/advisories/GHSA-8f25-w7qj-r7hc
https://nvd.nist.gov/vuln/detail/CVE-2024-2435
https://github.com/temporalio/ui-server/releases/tag/v2.25.0
Affected packages
Go
/
github.com/temporalio/ui-server
Package
Name
github.com/temporalio/ui-server
View open source insights on deps.dev
Purl
pkg:golang/github.com/temporalio/ui-server
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Go
/
github.com/temporalio/ui-server/v2
Package
Name
github.com/temporalio/ui-server/v2
View open source insights on deps.dev
Purl
pkg:golang/github.com/temporalio/ui-server/v2
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2.25.0
GO-2024-2675 - OSV