Templates did not properly consider backticks (`) as JavaScript string delimiters, and as such did
not escape them as expected. Backticks have been used since ES6 for JS template literals. If a template
contained a Go template action within a JavaScript template literal, the contents of the action could
be used to terminate the literal, injecting arbitrary JavaScript code into the Go template.
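
The pattern described above can be located statically in template sources before they are rendered. The scanner below is an added example, not code from this advisory or from the Go project; `findActionsInJSTemplateLiterals`, `hasPrefixFold` and `sampleTemplate` are hypothetical names, and the sample template is constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample template; only line 4 has an action inside backticks.
const sampleTemplate = "<p>{{.Title}}</p>\n<script>\n" +
	"var a = \"{{.Name}}\";\n" +
	"var b = `hello {{.Name}}`;\n" +
	"var c = 'it\\'s `fine` {{.X}}';\n" +
	"</script>\n<p>`{{.Footer}}`</p>\n"

func hasPrefixFold(s, p string) bool {
	return len(s) >= len(p) && strings.EqualFold(s[:len(p)], p)
}

// findActionsInJSTemplateLiterals (hypothetical helper) returns the 1-based lines
// of Go actions inside a backtick JS literal within <script>. Simplified scanner.
func findActionsInJSTemplateLiterals(src string) []int {
	var hits []int
	inScript, quote := false, byte(0) // quote: 0 outside a JS string, else ', " or `
	for i := 0; i < len(src); i++ {
		c, rest := src[i], src[i:]
		switch {
		case !inScript:
			inScript = hasPrefixFold(rest, "<script")
		case hasPrefixFold(rest, "</script"):
			inScript, quote = false, 0 // HTML ends the script here regardless
		case strings.HasPrefix(rest, "{{"):
			if quote == '`' {
				hits = append(hits, strings.Count(src[:i], "\n")+1)
			}
			i += strings.Index(rest, "}}") + 1 // skip the action body
		case quote != 0 && c == '\\':
			i++ // skip the escaped character
		case quote == 0 && (c == '\'' || c == '"' || c == '`'):
			quote = c
		case c == quote:
			quote = 0
		}
	}
	return hits
}

func main() {
	fmt.Println(findActionsInJSTemplateLiterals(sampleTemplate))
}
```

The scanner does not model JS comments, regex literals or nested `${...}` expressions, so treat its output as a list of lines to review rather than a complete audit.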

| Platform | Package | Release Date | Advisory |
|---|---|---|---|
| Amazon Linux 1 | amazon-ssm-agent | 2023-10-12 15:48 | ALAS-2023-1866 |
| Amazon Linux 2 - Core | amazon-ssm-agent | 2023-10-12 15:09 | ALAS2-2023-2303 |
| Amazon Linux 2023 | amazon-ssm-agent | 2023-10-12 16:11 | ALAS2023-2023-388 |
| Amazon Linux 2 - Docker Extra | containerd | 2023-08-17 17:04 | ALAS2DOCKER-2023-029 |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | containerd | 2023-08-03 19:42 | ALAS2NITRO-ENCLAVES-2023-026 |
| Amazon Linux 2 - Docker Extra | docker | 2023-10-18 16:53 | ALAS2DOCKER-2023-031 |
| Amazon Linux 2 - Ecs Extra | docker | 2023-10-31 00:17 | ALAS2ECS-2023-019 |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | docker | 2023-10-18 16:51 | ALAS2NITRO-ENCLAVES-2023-030 |
| Amazon Linux 1 | golang | 2023-04-13 19:01 | ALAS-2023-1731 |
| Amazon Linux 1 | golang | 2023-09-27 22:15 | ALAS-2023-1848 |
| Amazon Linux 2 - Core | golang | 2023-04-13 19:28 | ALAS2-2023-2015 |
| Amazon Linux 2 - Core | golang | 2023-07-20 17:29 | ALAS2-2023-2163 |
| Amazon Linux 2 - Golang1.19 Extra | golang | 2023-08-07 05:59 | ALAS2GOLANG1.19-2023-001 |
| Amazon Linux 2023 | golang | 2023-04-27 20:00 | ALAS2023-2023-175 |

|  | Score Type | Score | Vector |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
| NVD | CVSSv3 | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |