Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.
CPE | Name | Operator | Version |
---|---|---|---|
go | eq | go1.10rc1 | |
go | eq | weekly.2011-07-07 | |
go | eq | weekly.2010-11-10 | |
go | eq | weekly.2011-09-01 | |
go | eq | weekly.2010-07-29 | |
go | eq | go1.7rc4 | |
go | eq | go1.7beta1 | |
go | eq | weekly.2010-10-20 | |
go | eq | weekly.2010-11-23 | |
go | eq | weekly.2011-10-18 |