Lucene search
Redhat.comRH:CVE-2022-30580HistoryAug 16, 2022 - 9:38 a.m.
CVE-2022-30580
2022-08-1609:38:32
redhat.com
access.redhat.com
36
os/exec golang package
command injection
cve-2022-30580
binaries
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
14.2%
A flaw was found in the os/exec golang package. This issue occurs when invoking different Cmd methods and the Cmd.Path is unset. This could lead to a command injection, allowing an attacker to execute any binaries in the working directory.
Related
nvd
nvd
CVE-2022-30580
2022-08-10 20:15:40
osv
osv
BIT-golang-2022-30580
2024-03-06 11:00:32
Empty Cmd.Path can trigger unintended binary in os/exec on Windows
2022-07-26 21:41:20
CVE-2022-30580
2022-08-10 20:15:40
prion
prion
Code injection
2022-08-10 20:15:00
veracode
veracode
Injection Vulnerability
2022-07-26 00:31:08
cbl_mariner
cbl_mariner
CVE-2022-30580 affecting package golang 1.18.3-1
2022-09-17 05:56:44
CVE-2022-30580 affecting package golang for versions less than 1.18.5-1
2022-09-16 06:05:39
alpinelinux
alpinelinux
CVE-2022-30580
2022-08-10 20:15:40
cve
cve
CVE-2022-30580
2022-08-10 20:15:40
debiancve
debiancve
CVE-2022-30580
2022-08-10 20:15:40
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-30580
2022-08-10 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : go1.17 (SUSE-SU-2022:2004-1)
2022-06-08 00:00:00
SUSE SLED15 / SLES15 Security Update : go1.18 (SUSE-SU-2022:2005-1)
2022-06-08 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2005-1)
2022-06-08 00:00:00
openSUSE: Security Advisory for go1.18 (SUSE-SU-2022:2005-1)
2022-06-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2004-1)
2022-06-08 00:00:00
suse
suse
Security update for go1.18 (important)
2022-06-07 00:00:00
Security update for go1.17 (important)
2022-06-07 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2022-06-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.18.3-alt1
2022-06-12 00:00:00
Security fix for the ALT Linux 10 package golang version 1.17.11-alt1.p10
2022-06-14 00:00:00
oraclelinux
oraclelinux
ol8addon security update
2022-07-12 00:00:00
go-toolset:ol8addon security update
2022-07-12 00:00:00
ibm
ibm
amazon
amazon
Important: golang
2023-04-13 19:28:00
Important: golang
2023-04-13 19:01:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0242
2022-09-07 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0242
2022-09-07 00:00:00
Critical Photon OS Security Update - PHSA-2022-0512
2022-09-06 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
14.2%
Related for RH:CVE-2022-30580