Количество 12
Количество 12
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo ...
GHSA-68g3-2p3g-w9pq
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
BDU:2023-04160
Уязвимость расширения Cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2023:2526-1
Security update for go1.20
SUSE-SU-2023:2525-1
Security update for go1.19
RLSA-2023:3923
Critical: go-toolset and golang security update
ELSA-2023-3923
ELSA-2023-3923: go-toolset and golang security update (CRITICAL)
ELSA-2023-3922
ELSA-2023-3922: go-toolset:ol8 security update (CRITICAL)
ROS-20231109-01
Множественные уязвимости golang
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
| CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo ... | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
| GHSA-68g3-2p3g-w9pq The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | BDU:2023-04160 Уязвимость расширения Cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:2526-1 Security update for go1.20 | около 2 лет назад | ||
| SUSE-SU-2023:2525-1 Security update for go1.19 | около 2 лет назад | ||
 | RLSA-2023:3923 Critical: go-toolset and golang security update | почти 2 года назад | ||
| ELSA-2023-3923 ELSA-2023-3923: go-toolset and golang security update (CRITICAL) | почти 2 года назад | ||
| ELSA-2023-3922 ELSA-2023-3922: go-toolset:ol8 security update (CRITICAL) | почти 2 года назад | ||
 | ROS-20231109-01 Множественные уязвимости golang | CVSS3: 9.8 | больше 1 года назад |
Уязвимостей на страницу