10 matches found
EUVD-2023-32975
Malicious code in bioql PyPI...
BIT-GOLANG-2023-29404 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...
EulerOS 2.0 SP11 : golang (EulerOS-SA-2023-2842)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which...
Oracle Linux 9 : go-toolset / and / golang (ELSA-2023-3923)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3923 advisory. - New Go version 1.19.10 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 go-toolset Tenable has extracted the preceding description block...
AlmaLinux 9 : go-toolset and golang (ALSA-2023:3923)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3923 advisory. - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cg...
CentOS 8 : go-toolset:rhel8 (CESA-2023:3922)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:3922 advisory. - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses...
AZL-37337 CVE-2023-29404 affecting package golang for versions less than 1.21.6-1
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...
CVE-2023-29404
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...
CVE-2023-29404 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...
GO-2023-1841 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...