Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3115

Опубликовано: 26 янв. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.1
CVSS3: 7.5

Описание

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

windows only
devel

DNE

esm-infra-legacy/trusty

not-affected

windows only
esm-infra/bionic

not-affected

windows only
esm-infra/focal

DNE

focal

DNE

groovy

DNE

precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

not-affected

windows only

Показывать по

РелизСтатусПримечание
bionic

not-affected

windows only
devel

not-affected

windows only
esm-apps/bionic

not-affected

windows only
esm-apps/xenial

not-affected

windows only
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

windows only
focal

not-affected

windows only
groovy

not-affected

windows only
precise/esm

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

not-affected

windows only
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

windows only
focal

not-affected

windows only
groovy

not-affected

windows only
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

not-affected

windows only
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

not-affected

windows only
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

upstream

released

1.15.7-1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

esm-infra/xenial

not-affected

windows only
focal

DNE

groovy

DNE

precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

windows only
devel

DNE

esm-apps/bionic

not-affected

windows only
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

windows only
devel

DNE

esm-apps/bionic

not-affected

windows only
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 30%
0.00107
Низкий

5.1 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3115

CVSS3: 7.5
redhat
больше 4 лет назад

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

nvd логотип

CVE-2021-3115

CVSS3: 7.5
nvd
больше 4 лет назад

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

msrc логотип

CVE-2021-3115

CVSS3: 7.5
msrc
12 месяцев назад

Описание отсутствует

debian логотип

CVE-2021-3115

CVSS3: 7.5
debian
больше 4 лет назад

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to ...

github логотип

GHSA-79cw-x93g-q95p

CVSS3: 7.5
github
около 3 лет назад

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

EPSS

Процентиль: 30%
0.00107
Низкий

5.1 Medium

CVSS2

7.5 High

CVSS3

Уязвимость CVE-2021-3115