If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
History

Thu, 14 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openstack Podified
CPEs cpe:/a:redhat:openstack_podified:1.0::el9
Vendors & Products Redhat openstack Podified

Fri, 06 Sep 2024 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Builds
CPEs cpe:/a:redhat:openshift_builds:1.1::el9
Vendors & Products Redhat openshift Builds

cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published: 2024-03-05T22:22:33.640Z

Updated: 2024-08-01T23:28:12.537Z

Reserved: 2024-01-30T16:05:14.757Z

Link: CVE-2024-24785

cve-icon Vulnrichment

Updated: 2024-08-01T23:28:12.537Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-05T23:15:07.777

Modified: 2024-05-01T17:15:29.610

Link: CVE-2024-24785

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-05T00:00:00Z

Links: CVE-2024-24785 - Bugzilla