MGASA-2023-0096 - Updated perl-HTML-StripScripts packages fix security vulnerability Publication date: 18 Mar 2023 URL: https://advisories.mageia.org/MGASA-2023-0096.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-24038 The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes. (CVE-2023-24038) References: - https://bugs.mageia.org/show_bug.cgi?id=31495 - https://www.debian.org/lts/security/2023/dla-3296 - https://www.debian.org/security/2023/dsa-5339 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24038 SRPMS: - 8/core/perl-HTML-StripScripts-1.60.0-3.1.mga8
Mageia 2023-0096: perl-HTML-StripScripts security update
The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes
Summary
The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style
ReDoS because of catastrophic backtracking for HTML content with certain
style attributes. (CVE-2023-24038)
References
- https://bugs.mageia.org/show_bug.cgi?id=31495
- https://www.debian.org/lts/security/2023/dla-3296
- https://www.debian.org/security/2023/dsa-5339
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24038
Resolution
MGASA-2023-0096 - Updated perl-HTML-StripScripts packages fix security vulnerability
SRPMS
- 8/core/perl-HTML-StripScripts-1.60.0-3.1.mga8
Severity
Publication date: 18 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0096.html
Type: security
CVE: CVE-2023-24038
News
HOWTOs
About Us
Powered By
