AZL-27150 CVE-2023-29404 affecting package msft-golang for versions less than 1.19.10-1
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...