GHSA-5w89-2c2x-6x66

Опубликовано: 08 апр. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

Ссылки

EPSS

Процентиль: 41%

0.00532

Низкий

8.8 High

CVSS3

CVE ID

CVE-2026-27140

Дефекты

CWE-863

Связанные уязвимости

CVE-2026-27140

CVSS3: 8.8

ubuntu

3 месяца назад

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

CVE-2026-27140

CVSS3: 9

redhat

3 месяца назад

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

CVE-2026-27140

CVSS3: 8.8

nvd

3 месяца назад

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

CVE-2026-27140

msrc

26 дней назад

Code execution vulnerability in SWIG code generation in cmd/go

CVE-2026-27140

CVSS3: 8.8

debian

3 месяца назад

SWIG file names containing 'cgo' and well-crafted payloads could lead ...

EPSS

Процентиль: 41%

0.00532

Низкий

8.8 High

CVSS3

CVE ID

CVE-2026-27140

Дефекты

CWE-863