Lucene search
K

71 matches found

OSV
OSV
added 2023/06/08 9:15 p.m.35 views

CVE-2023-29404

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS8.1AI score
Exploits0References8
OSV
OSV
added 2023/06/08 9:15 p.m.9 views

AZL-47146 CVE-2023-29404 affecting package golang for versions less than 1.22.7-2

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7AI score0.01837EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.7 views

AZL-27123 CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.2 views

DEBIAN-CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7.9AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.8 views

AZL-37499 CVE-2023-29405 affecting package golang for versions less than 1.21.6-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.6 views

AZL-27150 CVE-2023-29404 affecting package msft-golang for versions less than 1.19.10-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7AI score0.01837EPSS
Exploits0References1
NVD
NVD
added 2023/06/08 9:15 p.m.26 views

CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS9.7AI score0.01728EPSS
Exploits0References8
NVD
NVD
added 2023/06/08 9:15 p.m.18 views

CVE-2023-29404

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS9.7AI score0.01837EPSS
Exploits0References8
OSV
OSV
added 2023/06/08 9:15 p.m.6 views

AZL-79012 CVE-2023-29405 affecting package golang 1.25.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.6 views

AZL-27110 CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.3 views

DEBIAN-CVE-2023-29404

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7.6AI score0.01837EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.1 views

UBUNTU-CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References10
Prion
Prion
added 2023/06/08 9:15 p.m.31 views

Command injection

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

7.5CVSS9.5AI score0.01728EPSS
Exploits0References7Affected Software2
Prion
Prion
added 2023/06/08 9:15 p.m.34 views

Command injection

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

7.5CVSS9.6AI score0.01837EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2023/06/08 8:19 p.m.32 views

CVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.9AI score0.01728EPSS
Exploits0References7
CVE
CVE
added 2023/06/08 8:19 p.m.559 views

CVE-2023-29405

CVE-2023-29405 affects the Go toolchain when using cgo with the go command. The vulnerability arises from how linker flags are parsed in #cgo LDFLAGS, where flags containing embedded spaces can be smuggled through LDFLAGS sanitization, and this only affects the gccgo workflow. The impact is poten...

9.8CVSS9.6AI score0.01728EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/08 8:19 p.m.5 views

CVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.7AI score0.01728EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2023/06/08 8:19 p.m.49 views

CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7.8AI score0.01728EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/06/08 8:19 p.m.62 views

CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS9.8AI score0.01728EPSS
Exploits0
CVE
CVE
added 2023/06/08 8:19 p.m.544 views

CVE-2023-29404

The CVE-2023-29404 description is corroborated by connected advisories: it concerns the go command executing code at build time when using cgo, triggered by LDFLAGS in a #cgo LDFLAGS directive, affecting gc and gccgo. The root cause is improper handling of certain linker flags, allowing disallowe...

9.8CVSS9.2AI score0.01837EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder