Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.

osv 3

redhatcve 2

cbl_mariner 1

veracode 1

alpinelinux 1

debiancve 1

prion 1

ubuntucve 1

cve 1

nessus 23

mageia 1

ibm 11

photon 3

openvas 12

fedora 2

amazon 2

archlinux 1

freebsd 1

altlinux 2

redhat 4

oraclelinux 1

almalinux 1

gentoo 1

osv

BIT-golang-2020-28367

2024-03-06 11:07:32

Arbitrary code execution via the go command with cgo in cmd/go

2022-07-28 17:24:43

CVE-2020-28367

2020-11-18 17:15:12

redhatcve

CVE-2020-28367

2020-11-13 18:14:47

CVE-2021-3115

2021-01-21 15:05:15

cbl_mariner

CVE-2020-28367 affecting package golang 1.13.15-2

2021-07-08 21:56:48

veracode

Command Injection

2020-11-19 06:14:27

alpinelinux

CVE-2020-28367

2020-11-18 17:15:12

debiancve

CVE-2020-28367

2020-11-18 17:15:12

prion

Code injection

2020-11-18 17:15:00

ubuntucve

CVE-2020-28367

2020-11-18 00:00:00

cve

CVE-2020-28367

2020-11-18 17:15:12

nessus

EulerOS 2.0 SP8 : golang (EulerOS-SA-2021-1144)

2021-02-01 00:00:00

Photon OS 3.0: Go PHSA-2020-3.0-0173

2020-12-10 00:00:00

FreeBSD : go -- math/big: panic during recursive division of very large numbers; cmd/go: arbitrary code execution at build time through cgo (db4b2f27-252a-11eb-865c-00155d646400)

2020-11-13 00:00:00

mageia

Updated golang packages fix security vulnerabilities

2021-01-10 22:46:12

ibm

Security Bulletin: IBM MQ certified container software is vulnerable to multiple vulnerabilities within Golang Go (CVE-2020-28367, CVE-2020-28366)

2021-02-02 16:56:07

Security Bulletin: IBM Event Streams is affected by multiple Go vulnerabilities

2021-01-15 14:41:11

Security Bulletin: Upgrade to IBP v2.5.1 to address recent concerns/issues with Golang versions other than 1.14.12

2021-01-05 19:40:51

photon

Important Photon OS Security Update - PHSA-2020-0173

2020-12-09 00:00:00

Important Photon OS Security Update - PHSA-2020-3.0-0173

2020-12-09 00:00:00

Critical Photon OS Security Update - PHSA-2022-0476

2022-03-03 00:00:00

openvas

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1144)

2021-02-02 00:00:00

Mageia: Security Advisory (MGASA-2021-0018)

2022-01-28 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:3368-1)

2021-06-09 00:00:00

fedora

[SECURITY] Fedora 32 Update: golang-1.14.13-1.fc32

2020-12-16 01:27:45

[SECURITY] Fedora 33 Update: golang-1.15.5-1.fc33

2020-11-23 01:08:21

amazon

Medium: golang

2021-01-12 22:52:00

Medium: golang

2021-01-05 23:34:00

archlinux

[ASA-202011-16] go: multiple issues

2020-11-17 00:00:00

freebsd

go -- math/big: panic during recursive division of very large numbers; cmd/go: arbitrary code execution at build time through cgo

2020-11-09 00:00:00

altlinux

Security fix for the ALT Linux 10 package golang version 1.15.5-alt1

2020-11-14 00:00:00

Security fix for the ALT Linux 9 package golang version 1.15.5-alt1

2020-11-14 00:00:00

redhat

(RHSA-2020:5333) Moderate: go-toolset-1.14-golang security update

2020-12-03 10:58:57

(RHSA-2020:5493) Moderate: go-toolset:rhel8 security update

2020-12-15 16:02:27

(RHSA-2021:0145) Moderate: Red Hat OpenShift Serverless Client kn 1.12.0

2021-01-14 13:24:15

oraclelinux

go-toolset:ol8 security update

2020-12-22 00:00:00

almalinux

Moderate: go-toolset:rhel8 security update

2020-12-15 16:02:27

gentoo

Go: Multiple Vulnerabilities

2022-08-04 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.4 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.1%

JSON

Related for CVELIST:CVE-2020-28367