Количество 13
Количество 13
CVE-2023-29404
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.
CVE-2023-29404
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.
CVE-2023-29404
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.
CVE-2023-29404
CVE-2023-29404
The go command may execute arbitrary code at build time when using cgo ...
GHSA-888h-rm2r-vrc7
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.
BDU:2023-04161
Уязвимость расширения Cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2023:2526-1
Security update for go1.20
SUSE-SU-2023:2525-1
Security update for go1.19
RLSA-2023:3923
Critical: go-toolset and golang security update
ELSA-2023-3923
ELSA-2023-3923: go-toolset and golang security update (CRITICAL)
ELSA-2023-3922
ELSA-2023-3922: go-toolset:ol8 security update (CRITICAL)
ROS-20231109-01
Множественные уязвимости golang
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-29404 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29404 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29404 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | CVSS3: 9.8 | 0% Низкий | около 2 лет назад | |
| CVE-2023-29404 The go command may execute arbitrary code at build time when using cgo ... | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
| GHSA-888h-rm2r-vrc7 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | BDU:2023-04161 Уязвимость расширения Cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:2526-1 Security update for go1.20 | около 2 лет назад | ||
| SUSE-SU-2023:2525-1 Security update for go1.19 | около 2 лет назад | ||
 | RLSA-2023:3923 Critical: go-toolset and golang security update | почти 2 года назад | ||
| ELSA-2023-3923 ELSA-2023-3923: go-toolset and golang security update (CRITICAL) | почти 2 года назад | ||
| ELSA-2023-3922 ELSA-2023-3922: go-toolset:ol8 security update (CRITICAL) | почти 2 года назад | ||
 | ROS-20231109-01 Множественные уязвимости golang | CVSS3: 9.8 | больше 1 года назад |
Уязвимостей на страницу