12 matches found
Astra Linux - уязвимость в golang-1.19
The command go env command is documented as outputting a shell script containing the Go environment. However, go env does not sanitize the values it outputs. Therefore, executing its output as a shell script can lead to various malicious behaviors, including executing arbitrary commands or...
Output of "go env" does not sanitize values in cmd/go
...
BIT-GOLANG-2023-24531 Output of "go env" does not sanitize values in cmd/go
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
AZL-79036 CVE-2023-24531 affecting package golang 1.25.7-1
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
AZL-43110 CVE-2023-24531 affecting package golang for versions less than 1.21.0-1
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
AZL-43104 CVE-2023-24531 affecting package msft-golang for versions less than 1.21.0-1
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
AZL-52719 CVE-2023-24531 affecting package golang for versions less than 1.21.0-1
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
CVE-2023-24531
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
UBUNTU-CVE-2023-24531
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
CVE-2023-24531
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
GO-2024-2962 Output of "go env" does not sanitize values in cmd/go
Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...
PT-2023-9548
Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description The issue is related to the command go env which outputs a shell script containing the Go environment. However, go env does not sanitize the values, allowing for various bad behaviors when its...