Описание
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
Ссылки
- PatchProduct
- Issue TrackingVendor Advisory
- Mailing ListRelease Notes
- Vendor AdvisoryPatch
Уязвимые конфигурации
Конфигурация 1Версия до 1.24.13 (исключая)Версия от 1.25.0 (включая) до 1.25.7 (исключая)
Одно из
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00006
Низкий
8.6 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.6
ubuntu
около 2 месяцев назад
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
CVSS3: 7.4
redhat
около 2 месяцев назад
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
CVSS3: 8.6
debian
около 2 месяцев назад
A discrepancy between how Go and C/C++ comments were parsed allowed fo ...
CVSS3: 8.6
github
около 2 месяцев назад
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
CVSS3: 8.6
fstec
около 2 месяцев назад
Уязвимость компонента cmd/cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 0%
0.00006
Низкий
8.6 High
CVSS3
Дефекты
CWE-94