Количество 12
Количество 12
BDU:2023-04160
Уязвимость расширения Cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код
ROS-20231109-01
Множественные уязвимости golang
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo ...
GHSA-68g3-2p3g-w9pq
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
SUSE-SU-2023:2526-1
Security update for go1.20
SUSE-SU-2023:2525-1
Security update for go1.19
RLSA-2023:3923
Critical: go-toolset and golang security update
ELSA-2023-3923
ELSA-2023-3923: go-toolset and golang security update (CRITICAL)
ELSA-2023-3922
ELSA-2023-3922: go-toolset:ol8 security update (CRITICAL)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-04160 Уязвимость расширения Cgo языка программирования Go, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | ROS-20231109-01 Множественные уязвимости golang | CVSS3: 9.8 | больше 1 года назад | |
 | CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
| CVE-2023-29405 The go command may execute arbitrary code at build time when using cgo ... | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
| GHSA-68g3-2p3g-w9pq The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:2526-1 Security update for go1.20 | около 2 лет назад | ||
| SUSE-SU-2023:2525-1 Security update for go1.19 | около 2 лет назад | ||
 | RLSA-2023:3923 Critical: go-toolset and golang security update | почти 2 года назад | ||
| ELSA-2023-3923 ELSA-2023-3923: go-toolset and golang security update (CRITICAL) | почти 2 года назад | ||
| ELSA-2023-3922 ELSA-2023-3922: go-toolset:ol8 security update (CRITICAL) | почти 2 года назад |
Уязвимостей на страницу