5 matches found
EUVD-2024-22164
Malicious code in bioql PyPI...
BIT-GOLANG-2025-22867
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the @executablepath, @loaderpath, or @rpath special values in a "cgo LDFLAGS" directive. This issue only affected go1.24rc2...
CVE-2025-22867
CVE-2025-22867 : In Go on Darwin, building a module with CGO can trigger arbitrary code execution when using the Apple ld if a Go linker flag uses runtime path keywords (@executable_path, @loader_path, @rpath). The root cause is tied to how these paths are handled in a "#cgo LDFLAGS" directive. T...
BIT-GOLANG-2024-24787 Arbitrary code execution during build on Darwin in cmd/go
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -ltolibrary flag in a "cgo LDFLAGS" directive...
Golang < 1.21.10, 1.22.x < 1.22.3 Code Execution
The version of Golang running on the remote host is prior to 1.21.10 or 1.22.x prior to 1.22.3. It is, therefore, affected by a code execution vulnerability. On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of...