CVE-2019-11888

Опубликовано: 13 мая 2019

Источник: debian

EPSS Низкий

Описание

Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
golang-1.12	not-affected			package
golang-1.11	not-affected			package

Примечания

https://go-review.googlesource.com/c/go/+/176619

EPSS

Процентиль: 62%

0.00422

Низкий

Связанные уязвимости

CVE-2019-11888

CVSS3: 9.8

ubuntu

больше 6 лет назад

Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.

CVE-2019-11888

CVSS3: 9.8

nvd

больше 6 лет назад

Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.

GHSA-8g7j-8p7x-qq3c

github

больше 3 лет назад

Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.

EPSS

Процентиль: 62%

0.00422

Низкий