VDB

RHSA-2023%3A3379

RHSA-2023%3A3379 PUBLISHED CVSS 8.100000381469727 HIGH

A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

Risk Scores

CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red Hatadvanced-cluster-security/rhacs-roxctl-rhel8@sha256:98d9268f02f64b676b3d92b80c89ae2bdbe3cafe7b32f97b4a70fb0b4d64bea2_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-roxctl-rhel8@sha256:98d9268f02f64b676b3d92b80c89ae2bdbe3cafe7b32f97b4a70fb0b4d64bea2_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:3579e99d2c9afa5b357fb6f1359629a8be4638ff12eaad0c329c4f158bba765f_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-rhel8@sha256:3579e99d2c9afa5b357fb6f1359629a8be4638ff12eaad0c329c4f158bba765f_amd64
Red Hatadvanced-cluster-security/rhacs-operator-bundle@sha256:459a8d91beff91638872d377a8b82c279ad2905ce3f4ad4bfc00f6822418ac57_amd64 as a component of RHACS 3.73 for RHEL 8*
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:3579e99d2c9afa5b357fb6f1359629a8be4638ff12eaad0c329c4f158bba765f_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-rhel8@sha256:3579e99d2c9afa5b357fb6f1359629a8be4638ff12eaad0c329c4f158bba765f_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3a565b2d7a6338e41f012642604c1d307ca3e987dfe3788ccfa5c1bedf1cdb87_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3a565b2d7a6338e41f012642604c1d307ca3e987dfe3788ccfa5c1bedf1cdb87_amd64
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:35ba7b18c1c28ecfa2d09893d805b8ede9cdd3bf38a67de8e4dd7d6b2e3e9383_amd64 as a component of RHACS 3.73 for RHEL 8*
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:b76d0c880313d14551a30ade5b16dea647f22c85bda14d812b92ee9e91464a93_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-rhel8-operator@sha256:b76d0c880313d14551a30ade5b16dea647f22c85bda14d812b92ee9e91464a93_amd64
Red Hatadvanced-cluster-security/rhacs-docs-rhel8@sha256:633d4d46676d03efe1cef6f410a2965ea668677a3b56760bcd37e0146329648e_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-docs-rhel8@sha256:633d4d46676d03efe1cef6f410a2965ea668677a3b56760bcd37e0146329648e_amd64
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:a7675ee36f8e523b3d1edcf194104f11a4d48d46f47ca9861dc205124c6074b8_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7675ee36f8e523b3d1edcf194104f11a4d48d46f47ca9861dc205124c6074b8_amd64
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:35ba7b18c1c28ecfa2d09893d805b8ede9cdd3bf38a67de8e4dd7d6b2e3e9383_amd64 as a component of RHACS 3.73 for RHEL 8*
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bbfd99b311b433bc680f801bab7fa9302cc4afbd6ab1ce178b8d24c1ada8b345_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bbfd99b311b433bc680f801bab7fa9302cc4afbd6ab1ce178b8d24c1ada8b345_amd64
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:a7675ee36f8e523b3d1edcf194104f11a4d48d46f47ca9861dc205124c6074b8_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7675ee36f8e523b3d1edcf194104f11a4d48d46f47ca9861dc205124c6074b8_amd64
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:b76d0c880313d14551a30ade5b16dea647f22c85bda14d812b92ee9e91464a93_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-rhel8-operator@sha256:b76d0c880313d14551a30ade5b16dea647f22c85bda14d812b92ee9e91464a93_amd64
Red Hatadvanced-cluster-security/rhacs-collector-rhel8@sha256:d47dec1aea6c8b9c6de911d462a9ac21038c8ac767fe6bad9601250fa444b25a_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-collector-rhel8@sha256:d47dec1aea6c8b9c6de911d462a9ac21038c8ac767fe6bad9601250fa444b25a_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e63c6c2f890a874413859b8192cf3cd5f058b035789e77f630d4c76b250f27b0_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e63c6c2f890a874413859b8192cf3cd5f058b035789e77f630d4c76b250f27b0_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3a565b2d7a6338e41f012642604c1d307ca3e987dfe3788ccfa5c1bedf1cdb87_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3a565b2d7a6338e41f012642604c1d307ca3e987dfe3788ccfa5c1bedf1cdb87_amd64
Red Hatadvanced-cluster-security/rhacs-collector-slim-rhel8@sha256:10210433ac4c2b553f62b8c4bcb724d8cf03580a2e69a7345309bc2885e1ca80_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:10210433ac4c2b553f62b8c4bcb724d8cf03580a2e69a7345309bc2885e1ca80_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e63c6c2f890a874413859b8192cf3cd5f058b035789e77f630d4c76b250f27b0_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e63c6c2f890a874413859b8192cf3cd5f058b035789e77f630d4c76b250f27b0_amd64
Red Hatadvanced-cluster-security/rhacs-roxctl-rhel8@sha256:98d9268f02f64b676b3d92b80c89ae2bdbe3cafe7b32f97b4a70fb0b4d64bea2_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-roxctl-rhel8@sha256:98d9268f02f64b676b3d92b80c89ae2bdbe3cafe7b32f97b4a70fb0b4d64bea2_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bbfd99b311b433bc680f801bab7fa9302cc4afbd6ab1ce178b8d24c1ada8b345_amd64 as a component of RHACS 3.73 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bbfd99b311b433bc680f801bab7fa9302cc4afbd6ab1ce178b8d24c1ada8b345_amd64

…and 4 more

Exploit Intelligence

Timeline

  • May 31, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 29, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›