VDB

GCVE-VVD-MAGEIA-2023-145

GCVE-VVD-MAGEIA-2023-145
Advisory Published
Vulnetix · Advisory published December 15, 2023
DOS due to incorrect HTTP and MIME header parsing (CVE-2023-24534) DOS due to incorrect Multipart form parsing (CVE-2023-24536) Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537) Arbitrary Javascript code execution due to failure to escape back ticks (CVE-2023-24538)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaelograf0 (affected), 0.5.8-1.mga9 (unaffected)
Mageianerd-dictation0 (affected), git20230705-1.mga9 (unaffected)
Mageiadotool0 (affected), 1.3-0.git20230827.1.1.mga9 (unaffected)
Oracle Cloudfunctions
Salesforceflow
Azurefunctions
Mageiagolang0 (affected), 1.19.8-1.mga8 (unaffected), 0 (affected), 1.19.8-1.mga8 (unaffected)

References

Updated golang packages fix security vulnerability
advisory
Updated golang packages fix security vulnerability
issue
Updated golang packages fix security vulnerability
issue
Updated golang packages fix security vulnerability
issue
Updated golang packages fix security vulnerability
issue
Updated golang packages fix security vulnerability
issue
Updated golang packages fix security vulnerability
issue
Updated dotool, elograf and nerd-dictation packages enable usage in Wayland
advisory
Updated dotool, elograf and nerd-dictation packages enable usage in Wayland
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›